Drop Puppet 5 support, require >= 6.15.0 + drop pluginsync & jruby9k parameters

manifests/agent/config.pp

@@ -35,16 +35,6 @@
     }
   }
 
-  unless $puppet::pluginsync {
-    if versioncmp($facts['puppetserver'], '6.0.0') >= 0 {
-      fail('pluginsync is no longer a setting in Puppet 6')
-    } else {
-      puppet::config::agent { 'pluginsync':
-        value => $puppet::pluginsync,
-      }
-    }
-  }
-
   $puppet::agent_additional_settings.each |$key,$value| {
     puppet::config::agent { $key: value => $value }
   }

manifests/init.pp

@@ -26,8 +26,6 @@
 #
 # $port::                                   Override the port of the master we connect to.
 #
-# $pluginsync::                             Enable pluginsync.
-#
 # $splay::                                  Switch to enable a random amount of time
 #                                           to sleep before each run.
 #
@@ -224,7 +222,6 @@
 # $server_external_nodes::                  External nodes classifier executable
 #
 # $server_trusted_external_command::        The external trusted facts script to use.
-#                                           (Puppet >= 6.11 only).
 #
 # $server_git_repo::                        Use git repository as a source of modules
 #
@@ -364,14 +361,14 @@
 # $server_max_requests_per_instance::       Max number of requests a jruby instances will handle. Defaults to 0 (disabled)
 #
 # $server_max_queued_requests::             The maximum number of requests that may be queued waiting to borrow a
-#                                           JRuby from the pool. (Puppetserver 5.x only)
-#                                           Defaults to 0 (disabled) for Puppetserver >= 5.0
+#                                           JRuby from the pool.
+#                                           Defaults to 0 (disabled).
 #
 # $server_max_retry_delay::                 Sets the upper limit for the random sleep set as a Retry-After header on
-#                                           503 responses returned when max-queued-requests is enabled. (Puppetserver 5.x only)
-#                                           Defaults to 1800 for Puppetserver >= 5.0
+#                                           503 responses returned when max-queued-requests is enabled.
+#                                           Defaults to 1800.
 #
-# $server_multithreaded::                   Use multithreaded jruby. (Puppetserver >= 6.8 only).  Defaults to false.
+# $server_multithreaded::                   Use multithreaded jruby. Defaults to false.
 #
 # $server_idle_timeout::                    How long the server will wait for a response on an existing connection
 #
@@ -430,8 +427,6 @@
 #                                           completed.
 #                                           Defaults to 30000, using the Jetty default of 30s
 #
-# $server_puppetserver_jruby9k::            For Puppetserver 5, use JRuby 9k? Defaults to false
-#
 # $server_puppetserver_metrics::            Enable puppetserver http-client metrics
 #                                           Defaults to false because that's the Puppet Inc. default behaviour.
 #
@@ -455,9 +450,9 @@
 # $server_metrics_allowed::                 Specify metrics to allow in addition to those in the default list
 #                                           Defaults to undef
 #
-# $server_puppetserver_experimental::       For Puppetserver 5, enable the /puppet/experimental route? Defaults to true
+# $server_puppetserver_experimental::       Enable the /puppet/experimental route? Defaults to true
 #
-# $server_puppetserver_auth_template::      Template for generating /etc/puppetlabs/puppetserver/conf.d/auth.conf 
+# $server_puppetserver_auth_template::      Template for generating /etc/puppetlabs/puppetserver/conf.d/auth.conf
 #
 # $server_puppetserver_trusted_agents::     Certificate names of puppet agents that are allowed to fetch *all* catalogs
 #                                           Defaults to [] and all agents are only allowed to fetch their own catalogs.
@@ -547,7 +542,7 @@
 #
 #   class {'puppet':
 #     agent_noop => true,
-#     version    => '6.11.0-1',
+#     version    => '6.15.0-1',
 #   }
 #
 class puppet (
@@ -568,7 +563,6 @@
   Optional[Variant[String,Hash,Array]] $package_install_options = $puppet::params::package_install_options,
   Optional[Variant[Stdlib::Absolutepath, Stdlib::HTTPUrl]] $package_source = $puppet::params::package_source,
   Integer[0, 65535] $port = $puppet::params::port,
-  Boolean $pluginsync = $puppet::params::pluginsync,
   Boolean $splay = $puppet::params::splay,
   Variant[Integer[0],Pattern[/^\d+[smhdy]?$/]] $splaylimit = $puppet::params::splaylimit,
   Variant[Boolean, Stdlib::Absolutepath] $autosign = $puppet::params::autosign,
@@ -701,7 +695,6 @@
   Boolean $server_environment_class_cache_enabled = $puppet::params::server_environment_class_cache_enabled,
   Boolean $server_allow_header_cert_info = $puppet::params::server_allow_header_cert_info,
   Integer[0] $server_web_idle_timeout = $puppet::params::server_web_idle_timeout,
-  Boolean $server_puppetserver_jruby9k = $puppet::params::server_puppetserver_jruby9k,
   Boolean $server_puppetserver_metrics = false,
   Boolean $server_puppetserver_profiler = false,
   Boolean $server_metrics_jmx_enable = $puppet::params::server_metrics_jmx_enable,

manifests/params.pp

@@ -9,7 +9,6 @@
   $group               = 'puppet'
   $ip                  = '0.0.0.0'
   $port                = 8140
-  $pluginsync          = true
   $splay               = false
   $splaylimit          = 1800
   $runinterval         = 1800
@@ -265,7 +264,7 @@
 
   $puppet_major = regsubst($::puppetversion, '^(\d+)\..*$', '\1')
 
-  if ($facts['os']['family'] =~ /(FreeBSD|DragonFly)/ and versioncmp($puppet_major, '5') >= 0) {
+  if ($facts['os']['family'] =~ /(FreeBSD|DragonFly)/) {
     $server_package = "puppetserver${puppet_major}"
   } else {
     $server_package = undef
@@ -407,15 +406,9 @@
 
   $server_puppetserver_version      = undef
 
-  # Puppetserver 5.x Which auth.conf shall we use?
+  # Which auth.conf shall we use?
   $server_use_legacy_auth_conf      = false
 
-  # For Puppetserver 5, use JRuby 9k?
-  $server_puppetserver_jruby9k      = false
-
-  # this switch also controls Ruby profiling, by default disabled for Puppetserver 2.x, enabled for 5.x
-  $server_puppetserver_metrics = undef
-
   # Puppetserver metrics shipping
   $server_metrics_jmx_enable        = true
   $server_metrics_graphite_enable   = false
@@ -425,7 +418,7 @@
   $server_metrics_graphite_interval = 5
   $server_metrics_allowed           = undef
 
-  # For Puppetserver 5, should the /puppet/experimental route be enabled?
+  # Should the /puppet/experimental route be enabled?
   $server_puppetserver_experimental = true
 
   # For custom auth.conf settings allow passing in a template

manifests/server.pp

@@ -61,7 +61,6 @@
 # $external_nodes::                    External nodes classifier executable
 #
 # $trusted_external_command::          The external trusted facts script to use.
-#                                      (Puppet >= 6.11 only).
 #
 # $git_repo::                          Use git repository as a source of modules
 #
@@ -194,14 +193,14 @@
 # $max_requests_per_instance::         Max number of requests per jruby instance. Defaults to 0 (disabled)
 #
 # $max_queued_requests::               The maximum number of requests that may be queued waiting to borrow a
-#                                      JRuby from the pool. (Puppetserver 5.x only)
-#                                      Defaults to 0 (disabled) for Puppetserver >= 5.0
+#                                      JRuby from the pool.
+#                                      Defaults to 0 (disabled).
 #
 # $max_retry_delay::                   Sets the upper limit for the random sleep set as a Retry-After header on
-#                                      503 responses returned when max-queued-requests is enabled. (Puppetserver 5.x only)
-#                                      Defaults to 1800 for Puppetserver >= 5.0
+#                                      503 responses returned when max-queued-requests is enabled.
+#                                      Defaults to 1800 for
 #
-# $multithreaded::                     Use multithreaded jruby. (Puppetserver >= 6.8 only).  Defaults to false.
+# $multithreaded::                     Use multithreaded jruby. Defaults to false.
 #
 # $idle_timeout::                      How long the server will wait for a response on an existing connection
 #
@@ -253,8 +252,6 @@
 # $allow_header_cert_info::            Allow client authentication over HTTP Headers
 #                                      Defaults to false, is also activated by the $http setting
 #
-# $puppetserver_jruby9k::              For Puppetserver 5, use JRuby 9k? Defaults to false
-#
 # $puppetserver_metrics::              Enable puppetserver http-client metrics
 #                                      Defaults to false because that's the Puppet Inc. default behaviour.
 #
@@ -278,9 +275,9 @@
 # $metrics_allowed::                   Specify metrics to allow in addition to those in the default list
 #                                      Defaults to undef
 #
-# $puppetserver_experimental::         For Puppetserver 5, enable the /puppet/experimental route? Defaults to true
+# $puppetserver_experimental::         Enable the /puppet/experimental route? Defaults to true
 #
-# $puppetserver_auth_template::        Template for generating /etc/puppetlabs/puppetserver/conf.d/auth.conf 
+# $puppetserver_auth_template::        Template for generating /etc/puppetlabs/puppetserver/conf.d/auth.conf
 #
 # $puppetserver_trusted_agents::       Certificate names of agents that are allowed to fetch *all* catalogs. Defaults to empty array
 #
@@ -419,7 +416,6 @@
   Boolean $check_for_updates = $puppet::server_check_for_updates,
   Boolean $environment_class_cache_enabled = $puppet::server_environment_class_cache_enabled,
   Boolean $allow_header_cert_info = $puppet::server_allow_header_cert_info,
-  Boolean $puppetserver_jruby9k = $puppet::server_puppetserver_jruby9k,
   Optional[Boolean] $puppetserver_metrics = $puppet::server_puppetserver_metrics,
   Boolean $puppetserver_profiler = $puppet::server_puppetserver_profiler,
   Boolean $metrics_jmx_enable = $puppet::server_metrics_jmx_enable,
@@ -452,12 +448,8 @@
     $real_puppetserver_version = $puppetserver_version
   } elsif versioncmp($facts['puppetversion'], '7.0.0') >= 0 {
     $real_puppetserver_version = '7.0.0'
-  } elsif versioncmp($facts['puppetversion'], '6.11.0') >= 0 {
-    $real_puppetserver_version = '6.11.0'
-  } elsif versioncmp($facts['puppetversion'], '6.0.0') >= 0 {
-    $real_puppetserver_version = '6.0.0'
   } else {
-    $real_puppetserver_version = '5.3.6'
+    $real_puppetserver_version = '6.15.0'
   }
 
   if versioncmp($real_puppetserver_version, '7.0.0') >= 0 {

manifests/server/config.pp

@@ -44,9 +44,6 @@
   }
 
   if $trusted_external_command {
-    if versioncmp($puppet::server::real_puppetserver_version, '6.11') < 0 {
-      fail('$server_trusted_external_command is only available for Puppet > 6.11')
-    }
     puppet::config::master {
       'trusted_external_command': value => $trusted_external_command,
     }
@@ -157,17 +154,9 @@
 
   # Generate a new CA and host cert if our host cert doesn't exist
   if $puppet::server::ca {
-    if versioncmp($puppet::server::real_puppetserver_version, '6.0') > 0 {
-      $creates = $puppet::server::ssl_ca_cert
-      $command = "${puppet::puppetserver_cmd} ca setup"
-    } else {
-      $creates = $puppet::server::ssl_cert
-      $command = "${puppet::puppet_cmd} cert --generate ${puppet::server::certname} --allow-dns-alt-names"
-    }
-
     exec {'puppet_server_config-generate_ca_cert':
-      creates => $creates,
-      command => $command,
+      creates => $puppet::server::ssl_ca_cert,
+      command => "${puppet::puppetserver_cmd} ca setup",
       umask   => '0022',
       require => [
         Concat["${puppet::server::dir}/puppet.conf"],

manifests/server/puppetserver.pp

@@ -110,7 +110,6 @@
   $server_use_legacy_auth_conf            = $puppet::server::use_legacy_auth_conf,
   $server_check_for_updates               = $puppet::server::check_for_updates,
   $server_environment_class_cache_enabled = $puppet::server::environment_class_cache_enabled,
-  $server_jruby9k                         = $puppet::server::puppetserver_jruby9k,
   $server_metrics                         = $puppet::server::puppetserver_metrics,
   $server_profiler                        = $puppet::server::puppetserver_profiler,
   $metrics_jmx_enable                     = $puppet::server::metrics_jmx_enable,
@@ -140,8 +139,8 @@
 ) {
   include puppet::server
 
-  if versioncmp($server_puppetserver_version, '5.3.6') < 0 {
-    fail('puppetserver <5.3.6 is not supported by this module version')
+  if versioncmp($server_puppetserver_version, '6.15.0') < 0 {
+    fail('puppetserver <6.15.0 is not supported by this module version')
   }
 
   $puppetserver_package = pick($puppet::server::package, 'puppetserver')
@@ -186,16 +185,11 @@
       changes => "set BOOTSTRAP_CONFIG '\"${bootstrap_paths}\"'",
     }
 
-    $jruby_jar_changes = $server_jruby9k ? {
-      true    => "set JRUBY_JAR '\"/opt/puppetlabs/server/apps/puppetserver/jruby-9k.jar\"'",
-      default => 'rm JRUBY_JAR'
-    }
-
     augeas { 'puppet::server::puppetserver::jruby_jar':
       lens    => 'Shellvars.lns',
       incl    => $config,
       context => "/files${config}",
-      changes => $jruby_jar_changes,
+      changes => 'rm JRUBY_JAR',
     }
 
     $ensure_max_open_files = $max_open_files ? {

metadata.json

@@ -35,7 +35,7 @@
   "requirements": [
     {
       "name": "puppet",
-      "version_requirement": ">= 5.5.8 < 8.0.0"
+      "version_requirement": ">= 6.15.0 < 8.0.0"
     }
   ],
   "operatingsystem_support": [

spec/acceptance/puppetserver_latest_spec.rb

@@ -33,18 +33,6 @@ class { 'puppet':
           server                => true,
           server_max_open_files => 32143,
         }
-
-        # Puppet 5 + puppet/systemd 3 workaround
-        # Also a possible systemd bug on Ubuntu 20.04
-        # https://github.com/theforeman/puppet-puppet/pull/779#issuecomment-886847275
-        if $puppet::server_max_open_files and (versioncmp($facts['puppetversion'], '6.1') < 0 or $facts['os']['name'] == 'Ubuntu' and $facts['os']['release']['major'] == '20.04') {
-          exec { 'puppetserver-systemctl-daemon-reload':
-            command     => 'systemctl daemon-reload',
-            refreshonly => true,
-            path        => $facts['path'],
-            subscribe   => File['/etc/systemd/system/puppetserver.service.d/limits.conf'],
-          }
-        }
         MANIFEST
       end
     end

spec/acceptance/puppetserver_upgrade_spec.rb

@@ -20,17 +20,18 @@
   when 'puppet6'
     from_version = '6.7.0'
     to_version = '6.7.2'
-  when 'puppet5'
-    from_version = '5.3.6'
-    to_version = '5.3.7'
   else
     raise 'Unsupported Puppet collection'
   end
 
   case fact('osfamily')
   when 'Debian'
-    from_version_exact = "#{from_version}-1#{fact('lsbdistcodename')}"
-    to_version_exact = "#{to_version}-1#{fact('lsbdistcodename')}"
+    if ENV['BEAKER_PUPPET_COLLECTION'] == 'puppet6'
+      # Facter 3 needs lsb-release for the os.distro.codename fact
+      on default, puppet('resource package lsb-release ensure=installed')
+    end
+    from_version_exact = "#{from_version}-1#{fact('os.distro.codename')}"
+    to_version_exact = "#{to_version}-1#{fact('os.distro.codename')}"
   else
     from_version_exact = from_version
     to_version_exact = to_version