(CAT-378) README.md / REFERENCE.md fixes

david22swan · david22swan · commit 47564d36db71 · 2023-08-30T12:50:22.000+01:00
diff --git a/README.md b/README.md
@@ -549,12 +549,13 @@ And run the tests from the root of the source code:
 bundle exec rake parallel_spec
 ```
 
-See also `.travis.yml` for information on running the acceptance and other tests.
+See the Github Action runs for information on running the acceptance and other tests.
 
 ### Migration path to v7.0.0
 
-As of `v7.0.0` of this module a major rework has been done to adopt the [puppet-resource_api](https://github.com/puppetlabs/puppet-resource_api) into the module and use it style of code in place of the original form of Puppet Type and Providers. As part of this several breaking changes where made to the code that will need to be accounted for whenever you update to this new version of the module.
-These changes include:
+As of `v7.0.0` of this module a major rework has been done to adopt the [puppet-resource_api](https://github.com/puppetlabs/puppet-resource_api) into the module and use it style of code in place of the original form of Puppet Type and Providers. This was done in the most part to increase the ease with with the module could be maintained and updated in the future, the changes helping to structure the module in such a way as to be more easily understood and altered going forward.
+
+As part of this process several breaking changes where made to the code that will need to be accounted for whenever you update to this new version of the module, with these changes including:
 
 * The `provider` attibute within the `firewall` type has been renamed to `protocol`, both to bring it in line with the matching attribute within the `firewallchain` type and due to the resource_api forbidding the use of `provider` as a attribute name. As part of this the attribute has also been updated to accept `IPv4` and `IPv6` in place of `iptables` or `ip6tables`, though they are still valid as input.
 * The `action` attribute within the `firewall` type has been removed as it was merely a restricted version of the `jump` attribute, both of them managing the same function, this being reasoned as a way to enforce the use of generic parameters. From this point the parameters formerly unique to `action` should now be passed to `jump`.
diff --git a/REFERENCE.md b/REFERENCE.md
@@ -556,7 +556,9 @@ _*this data type contains a regex that may not be accurately reflected in genera
 
       ctstate => ['! INVALID', 'ESTABLISHED']
 
-      Note: this will negate all passed states, it is not possible to negate a single one of the array.
+      Note:
+        This will negate all passed states, it is not possible to negate a single one of the array.
+        In order to maintain compatibility it is also possible to negate all values given in the array to achieve the same behaviour.
 
 ##### `ctstatus`
 
@@ -582,7 +584,9 @@ _*this data type contains a regex that may not be accurately reflected in genera
 
         ctstatus => ['! EXPECTED', 'CONFIRMED']
 
-      Note: this will negate all passed states, it is not possible to negate a single one of the array.
+      Note:#{' '}
+        This will negate all passed states, it is not possible to negate a single one of the array.
+        In order to maintain compatibility it is also possible to negate all values given in the array to achieve the same behaviour.
 
 ##### `date_start`
 
@@ -637,7 +641,9 @@ _*this data type contains a regex that may not be accurately reflected in genera
 
           dport => ['! 54','23']
 
-      Note: this will negate all passed ports, it is not possible to negate a single one of the array.
+      Note:
+        This will negate all passed ports, it is not possible to negate a single one of the array.
+        In order to maintain compatibility it is also possible to negate all values given in the array to achieve the same behaviour.
 
 ##### `dst_cc`
 
@@ -1392,7 +1398,9 @@ _*this data type contains a regex that may not be accurately reflected in genera
 
           sport => ['! 54','23']
 
-      Note: this will negate all passed ports, it is not possible to negate a single one of the array.
+      Note:
+        This will negate all passed ports, it is not possible to negate a single one of the array.
+        In order to maintain compatibility it is also possible to negate all values given in the array to achieve the same behaviour.
 
 ##### `src_cc`
 
@@ -1503,7 +1511,9 @@ _*this data type contains a regex that may not be accurately reflected in genera
 
           state => ['! INVALID', 'ESTABLISHED']
 
-      Note: this will negate all passed states, it is not possible to negate a single one of the array.
+      Note:
+        This will negate all passed states, it is not possible to negate a single one of the array.
+        In order to maintain compatibility it is also possible to negate all values given in the array to achieve the same behaviour.
 
 ##### `string`
 
diff --git a/lib/puppet/provider/firewall/firewall.rb b/lib/puppet/provider/firewall/firewall.rb
@@ -469,7 +469,7 @@ def insync?(context, _name, property_name, is_hash, should_hash)
   # Retrieve the rules
   # Optional values lets you return a simplified set of data, used for determining order when adding/updating/deleting rules,
   #   while also allowing for the protocols used to retrieve the rules to be limited.
-  # @api.private
+  # @api private
   def self.get_rules(context, basic, protocols = ['IPv4', 'IPv6'])
     # Create empty return array
     rules = []
@@ -498,7 +498,7 @@ def self.get_rules(context, basic, protocols = ['IPv4', 'IPv6'])
   end
 
   # Simplified version of 'self.rules_to_hash' meant to return name, chain and table only
-  # @api.private
+  # @api private
   def self.rule_to_name(_context, rule, table_name, protocol)
     rule_hash = {}
     rule_hash[:ensure] = 'present'
@@ -517,7 +517,7 @@ def self.rule_to_name(_context, rule, table_name, protocol)
   end
 
   # Converts a given rule to a hash value
-  # @api.private
+  # @api private
   def self.rule_to_hash(_context, rule, table_name, protocol)
     # loop through resource map
     rule_hash = {}
@@ -698,7 +698,7 @@ def self.rule_to_hash(_context, rule, table_name, protocol)
   end
 
   # Verify that the information being retrieved is correct
-  # @api.private
+  # @api private
   def self.validate_get(_context, rules)
     # Verify that names are unique
     names = []
@@ -710,7 +710,7 @@ def self.validate_get(_context, rules)
   end
 
   # Certain attributes need custom logic to ensure that they are returning the correct information
-  # @api.private
+  # @api private
   def self.process_get(_context, rule_hash, rule, counter)
     # Puppet-firewall requires that all rules have structured comments (resource names) and will fail if a
     # rule in iptables does not have a matching comment.
@@ -747,7 +747,7 @@ def self.create_absent(namevar, title)
   ###### SET ######
 
   # Verify that the information being set is correct
-  # @api.private
+  # @api private
   def self.validate_input(_is, should)
     # Verify that name does not start with 9000-9999, this range has been reserved. Ignore check when deleting the rule
     raise ArgumentError, 'Rule name cannot start with 9000-9999, as this range is reserved for unmanaged rules.' if should[:name].match($unmanaged_rule_regex) && should[:ensure].to_s == 'present'
@@ -861,7 +861,7 @@ def self.validate_input(_is, should)
   end
 
   # Certain attributes need processed in ways that can vary between IPv4 and IPv6
-  # @api.private
+  # @api private
   def self.process_input(should)
     # `dport`, `sport` `state` `ctstate` and `ctstatus` arrays should only have the first value negated.
     [:dport, :sport, :state, :ctstate, :ctstatus].each do |key|
@@ -922,7 +922,7 @@ def self.process_input(should)
   end
 
   # Converts a given hash value to a command line argument
-  # @api.private
+  # @api private
   def self.hash_to_rule(_context, _name, rule)
     arguments = ''
 
@@ -1041,7 +1041,7 @@ def self.hash_to_rule(_context, _name, rule)
 
   # Find the correct position for our new rule in its chain
   # This has been lifted from the previous provider in order to maintain the logic between them
-  # @api.private
+  # @api private
   def self.insert_order(context, name, chain, table, protocol)
     rules = []
     # Find any rules that match the given chain and table pairing
diff --git a/lib/puppet/provider/firewallchain/firewallchain.rb b/lib/puppet/provider/firewallchain/firewallchain.rb
@@ -142,7 +142,7 @@ def insync?(context, _name, property_name, _is_hash, _should_hash)
   ###### PRIVATE METHODS ######
 
   # Process the information so that it can be correctly applied
-  # @api.private
+  # @api private
   def self.process_input(is, should)
     # Split the name into it's relevant parts
     is[:name] = is[:title] if is[:name].nil?
@@ -162,7 +162,7 @@ def self.process_input(is, should)
   end
 
   # Verify that the information is correct
-  # @api.private
+  # @api private
   def self.verify(_is, should)
     # Verify that no incorrect chain names are passed
     case should[:table]
