Refactor domain template

silug · silug · commit aba8a8abd211 · 2025-09-25T13:06:39.000-05:00
diff --git a/manifests/domain.pp b/manifests/domain.pp
@@ -123,56 +123,135 @@
   Optional[String]                           $ldap_user_search_filter      = undef,
   Optional[Hash]                             $custom_options               = undef,
 ) {
+  # Build configuration lines in order (matching expected test output)
+  # Debug settings
+  $debug_level_line = $debug_level ? { undef => [], default => ["debug_level = ${debug_level}"] }
+  $debug_timestamps_line = ["debug_timestamps = ${debug_timestamps}"]
+  $debug_microseconds_line = ["debug_microseconds = ${debug_microseconds}"]
+
+  # Description and basic settings
+  $description_line = $description ? { undef => [], default => ["description = ${description}"] }
+  $min_id_line = ["min_id = ${min_id}"]
+  $max_id_line = ["max_id = ${max_id}"]
+  $enumerate_line = ["enumerate = ${enumerate}"]
+
+  # Subdomain and timeout settings
+  $subdomain_enumerate_line = $subdomain_enumerate ? { false => [], default => ["subdomain_enumerate = ${subdomain_enumerate}"] }
+  $force_timeout_line = $force_timeout ? { undef => [], default => ["force_timeout = ${force_timeout}"] }
+
+  # Entry cache timeout settings
+  $entry_cache_timeout_line = $entry_cache_timeout ? { undef => [], default => ["entry_cache_timeout = ${entry_cache_timeout}"] }
+  $entry_cache_user_timeout_line = $entry_cache_user_timeout ? { undef => [], default => ["entry_cache_user_timeout = ${entry_cache_user_timeout}"] }
+  $entry_cache_group_timeout_line = $entry_cache_group_timeout ? { undef => [], default => ["entry_cache_group_timeout = ${entry_cache_group_timeout}"] }
+  $entry_cache_netgroup_timeout_line = $entry_cache_netgroup_timeout ? { undef => [], default => ["entry_cache_netgroup_timeout = ${entry_cache_netgroup_timeout}"] }
+  $entry_cache_service_timeout_line = $entry_cache_service_timeout ? { undef => [], default => ["entry_cache_service_timeout = ${entry_cache_service_timeout}"] }
+  $entry_cache_sudo_timeout_line = $entry_cache_sudo_timeout ? { undef => [], default => ["entry_cache_sudo_timeout = ${entry_cache_sudo_timeout}"] }
+  $entry_cache_autofs_timeout_line = $entry_cache_autofs_timeout ? { undef => [], default => ["entry_cache_autofs_timeout = ${entry_cache_autofs_timeout}"] }
+  $entry_cache_ssh_host_timeout_line = $entry_cache_ssh_host_timeout ? { undef => [], default => ["entry_cache_ssh_host_timeout = ${entry_cache_ssh_host_timeout}"] }
+  $refresh_expired_interval_line = $refresh_expired_interval ? { undef => [], default => ["refresh_expired_interval = ${refresh_expired_interval}"] }
+
+  # Cache settings
+  $cache_credentials_line = ["cache_credentials = ${cache_credentials}"]
+  $account_cache_expiration_line = ["account_cache_expiration = ${account_cache_expiration}"]
+  $pwd_expiration_warning_line = $pwd_expiration_warning ? { undef => [], default => ["pwd_expiration_warning = ${pwd_expiration_warning}"] }
+
+  # Naming settings
+  $use_fully_qualified_names_line = ["use_fully_qualified_names = ${use_fully_qualified_names}"]
+  $ignore_group_members_line = ["ignore_group_members = ${ignore_group_members}"]
+
+  # Provider settings (id_provider is required, others optional)
+  $id_provider_line = ["id_provider = ${id_provider}"]
+  $auth_provider_line = $auth_provider ? { undef => [], default => ["auth_provider = ${auth_provider}"] }
+  $access_provider_line = $access_provider ? { undef => [], default => ["access_provider = ${access_provider}"] }
+  $chpass_provider_line = $chpass_provider ? { undef => [], default => ["chpass_provider = ${chpass_provider}"] }
+  $sudo_provider_line = $sudo_provider ? { undef => [], default => ["sudo_provider = ${sudo_provider}"] }
+  $selinux_provider_line = $selinux_provider ? { undef => [], default => ["selinux_provider = ${selinux_provider}"] }
+  $subdomains_provider_line = $subdomains_provider ? { undef => [], default => ["subdomains_provider = ${subdomains_provider}"] }
+  $autofs_provider_line = $autofs_provider ? { undef => [], default => ["autofs_provider = ${autofs_provider}"] }
+  $hostid_provider_line = $hostid_provider ? { undef => [], default => ["hostid_provider = ${hostid_provider}"] }
+
+  # Pattern and formatting settings
+  $re_expression_line = $re_expression ? { undef => [], default => ["re_expression = ${re_expression}"] }
+  $full_name_format_line = $full_name_format ? { undef => [], default => ["full_name_format = ${full_name_format}"] }
+  $lookup_family_order_line = $lookup_family_order ? { undef => [], default => ["lookup_family_order = ${lookup_family_order}"] }
+
+  # DNS settings
+  $dns_resolver_timeout_line = ["dns_resolver_timeout = ${dns_resolver_timeout}"]
+  $dns_discovery_domain_line = $dns_discovery_domain ? { undef => [], default => ["dns_discovery_domain = ${dns_discovery_domain}"] }
+
+  # Override and case sensitivity settings
+  $override_gid_line = $override_gid ? { undef => [], default => ["override_gid = ${override_gid}"] }
+  $case_sensitive_line = ["case_sensitive = ${case_sensitive}"]
+  $proxy_fast_alias_line = ["proxy_fast_alias = ${proxy_fast_alias}"]
+
+  # Optional provider-specific settings
+  $realmd_tags_line = $realmd_tags ? { undef => [], default => ["realmd_tags = ${realmd_tags}"] }
+  $ldap_user_search_filter_line = $ldap_user_search_filter ? { undef => [], default => ["ldap_user_search_filter = ${ldap_user_search_filter}"] }
+  $proxy_pam_target_line = $proxy_pam_target ? { undef => [], default => ["proxy_pam_target = ${proxy_pam_target}"] }
+  $proxy_lib_name_line = $proxy_lib_name ? { undef => [], default => ["proxy_lib_name = ${proxy_lib_name}"] }
+
+  # Custom options processing
+  $custom_options_lines = $custom_options ? {
+    undef => [],
+    default => $custom_options.keys.sort.map |$opt| { "${opt} = ${custom_options[$opt]}" }
+  }
+
+  # Combine all lines in order
+  $config_lines = (
+    $debug_level_line +
+    $debug_timestamps_line +
+    $debug_microseconds_line +
+    $description_line +
+    $min_id_line +
+    $max_id_line +
+    $enumerate_line +
+    $subdomain_enumerate_line +
+    $force_timeout_line +
+    $entry_cache_timeout_line +
+    $entry_cache_user_timeout_line +
+    $entry_cache_group_timeout_line +
+    $entry_cache_netgroup_timeout_line +
+    $entry_cache_service_timeout_line +
+    $entry_cache_sudo_timeout_line +
+    $entry_cache_autofs_timeout_line +
+    $entry_cache_ssh_host_timeout_line +
+    $refresh_expired_interval_line +
+    $cache_credentials_line +
+    $account_cache_expiration_line +
+    $pwd_expiration_warning_line +
+    $use_fully_qualified_names_line +
+    $ignore_group_members_line +
+    $id_provider_line +
+    $auth_provider_line +
+    $access_provider_line +
+    $chpass_provider_line +
+    $sudo_provider_line +
+    $selinux_provider_line +
+    $subdomains_provider_line +
+    $autofs_provider_line +
+    $hostid_provider_line +
+    $re_expression_line +
+    $full_name_format_line +
+    $lookup_family_order_line +
+    $dns_resolver_timeout_line +
+    $dns_discovery_domain_line +
+    $override_gid_line +
+    $case_sensitive_line +
+    $proxy_fast_alias_line +
+    $realmd_tags_line +
+    $ldap_user_search_filter_line +
+    $proxy_pam_target_line +
+    $proxy_lib_name_line +
+    $custom_options_lines
+  )
+
+  # Join all configuration lines
+  $content = $config_lines.join("\n")
+
   sssd::config::entry { "puppet_domain_${name}":
-    content => epp(
-      'sssd/domain.epp',
-      {
-        'id_provider'                  => $id_provider,
-        'debug_level'                  => $debug_level,
-        'debug_timestamps'             => $debug_timestamps,
-        'debug_microseconds'           => $debug_microseconds,
-        'description'                  => $description,
-        'min_id'                       => $min_id,
-        'max_id'                       => $max_id,
-        'enumerate'                    => $enumerate,
-        'subdomain_enumerate'          => $subdomain_enumerate,
-        'force_timeout'                => $force_timeout,
-        'entry_cache_timeout'          => $entry_cache_timeout,
-        'entry_cache_user_timeout'     => $entry_cache_user_timeout,
-        'entry_cache_group_timeout'    => $entry_cache_group_timeout,
-        'entry_cache_netgroup_timeout' => $entry_cache_netgroup_timeout,
-        'entry_cache_service_timeout'  => $entry_cache_service_timeout,
-        'entry_cache_sudo_timeout'     => $entry_cache_sudo_timeout,
-        'entry_cache_autofs_timeout'   => $entry_cache_autofs_timeout,
-        'entry_cache_ssh_host_timeout' => $entry_cache_ssh_host_timeout,
-        'refresh_expired_interval'     => $refresh_expired_interval,
-        'cache_credentials'            => $cache_credentials,
-        'account_cache_expiration'     => $account_cache_expiration,
-        'pwd_expiration_warning'       => $pwd_expiration_warning,
-        'use_fully_qualified_names'    => $use_fully_qualified_names,
-        'ignore_group_members'         => $ignore_group_members,
-        'access_provider'              => $access_provider,
-        'auth_provider'                => $auth_provider,
-        'chpass_provider'              => $chpass_provider,
-        'sudo_provider'                => $sudo_provider,
-        'selinux_provider'             => $selinux_provider,
-        'subdomains_provider'          => $subdomains_provider,
-        'autofs_provider'              => $autofs_provider,
-        'hostid_provider'              => $hostid_provider,
-        're_expression'                => $re_expression,
-        'full_name_format'             => $full_name_format,
-        'lookup_family_order'          => $lookup_family_order,
-        'dns_resolver_timeout'         => $dns_resolver_timeout,
-        'dns_discovery_domain'         => $dns_discovery_domain,
-        'override_gid'                 => $override_gid,
-        'case_sensitive'               => $case_sensitive,
-        'proxy_fast_alias'             => $proxy_fast_alias,
-        'realmd_tags'                  => $realmd_tags,
-        'proxy_pam_target'             => $proxy_pam_target,
-        'proxy_lib_name'               => $proxy_lib_name,
-        'ldap_user_search_filter'      => $ldap_user_search_filter,
-        'custom_options'               => $custom_options,
-      },
-    ),
+    content => epp('sssd/domain.epp', {
+        'name'    => $name,
+        'content' => $content,
+    }),
   }
 }
diff --git a/templates/domain.epp b/templates/domain.epp
@@ -1,159 +1,7 @@
 <% |
-  Sssd::IdProvider                           $id_provider,
-  Optional[Sssd::DebugLevel]                 $debug_level,
-  Boolean                                    $debug_timestamps,
-  Boolean                                    $debug_microseconds,
-  Optional[String]                           $description,
-  Integer[0]                                 $min_id,
-  Integer[0]                                 $max_id,
-  Boolean                                    $enumerate,
-  Boolean                                    $subdomain_enumerate,
-  Optional[Integer]                          $force_timeout,
-  Optional[Integer]                          $entry_cache_timeout,
-  Optional[Integer]                          $entry_cache_user_timeout,
-  Optional[Integer]                          $entry_cache_group_timeout,
-  Optional[Integer]                          $entry_cache_netgroup_timeout,
-  Optional[Integer]                          $entry_cache_service_timeout,
-  Optional[Integer]                          $entry_cache_sudo_timeout,
-  Optional[Integer]                          $entry_cache_autofs_timeout,
-  Optional[Integer]                          $entry_cache_ssh_host_timeout,
-  Optional[Integer]                          $refresh_expired_interval,
-  Boolean                                    $cache_credentials,
-  Integer[0]                                 $account_cache_expiration,
-  Optional[Integer[0]]                       $pwd_expiration_warning,
-  Boolean                                    $use_fully_qualified_names,
-  Boolean                                    $ignore_group_members,
-  Optional[Sssd::AccessProvider]             $access_provider,
-  Optional[Sssd::AuthProvider]               $auth_provider,
-  Optional[Sssd::ChpassProvider]             $chpass_provider,
-  Optional[Enum['ldap', 'ipa','ad','none']]  $sudo_provider,
-  Optional[Enum['ipa', 'none']]              $selinux_provider,
-  Optional[Enum['ipa', 'ad','none']]         $subdomains_provider,
-  Optional[Enum['ad', 'ldap', 'ipa','none']] $autofs_provider,
-  Optional[Enum['ipa', 'none']]              $hostid_provider,
-  Optional[String]                           $re_expression,
-  Optional[String]                           $full_name_format,
-  Optional[String]                           $lookup_family_order,
-  Integer[0]                                 $dns_resolver_timeout,
-  Optional[String]                           $dns_discovery_domain,
-  Optional[String]                           $override_gid,
-  Variant[Boolean,Enum['preserving']]        $case_sensitive,
-  Boolean                                    $proxy_fast_alias,
-  Optional[String]                           $realmd_tags,
-  Optional[String]                           $proxy_pam_target,
-  Optional[String]                           $proxy_lib_name,
-  Optional[String]                           $ldap_user_search_filter,
-  Optional[Hash]                             $custom_options,
+  String[1] $name,
+  String[1] $content,
 | -%>
-
 # sssd::domain <%= $name %>
 [domain/<%= $name %>]
-<% if $debug_level { -%>
-debug_level = <%= $debug_level %>
-<% } -%>
-debug_timestamps = <%= $debug_timestamps %>
-debug_microseconds = <%= $debug_microseconds %>
-<% if $description { -%>
-description = <%= $description %>
-<% } -%>
-min_id = <%= $min_id %>
-max_id = <%= $max_id %>
-enumerate = <%= $enumerate %>
-<% if $subdomain_enumerate { -%>
-subdomain_enumerate = <%= $subdomain_enumerate %>
-<% } -%>
-<% if $force_timeout { -%>
-force_timeout = <%= $force_timeout %>
-<% } -%>
-<% if $entry_cache_timeout { -%>
-entry_cache_timeout = <%= $entry_cache_timeout %>
-<% } -%>
-<% if $entry_cache_user_timeout { -%>
-entry_cache_user_timeout = <%= $entry_cache_user_timeout %>
-<% } -%>
-<% if $entry_cache_group_timeout { -%>
-entry_cache_group_timeout = <%= $entry_cache_group_timeout %>
-<% } -%>
-<% if $entry_cache_netgroup_timeout { -%>
-entry_cache_netgroup_timeout = <%= $entry_cache_netgroup_timeout %>
-<% } -%>
-<% if $entry_cache_service_timeout { -%>
-entry_cache_service_timeout = <%= $entry_cache_service_timeout %>
-<% } -%>
-<% if $entry_cache_sudo_timeout { -%>
-entry_cache_sudo_timeout = <%= $entry_cache_sudo_timeout %>
-<% } -%>
-<% if $entry_cache_autofs_timeout { -%>
-entry_cache_autofs_timeout = <%= $entry_cache_autofs_timeout %>
-<% } -%>
-<% if $entry_cache_ssh_host_timeout { -%>
-entry_cache_ssh_host_timeout = <%= $entry_cache_ssh_host_timeout %>
-<% } -%>
-<% if $refresh_expired_interval { -%>
-refresh_expired_interval = <%= $refresh_expired_interval %>
-<% } -%>
-cache_credentials = <%= $cache_credentials %>
-account_cache_expiration = <%= $account_cache_expiration %>
-<% if $pwd_expiration_warning { -%>
-pwd_expiration_warning = <%= $pwd_expiration_warning %>
-<% } -%>
-use_fully_qualified_names = <%= $use_fully_qualified_names %>
-ignore_group_members = <%= $ignore_group_members %>
-id_provider = <%= $id_provider %>
-<% if $auth_provider { -%>
-auth_provider = <%= $auth_provider %>
-<% } -%>
-<% if $access_provider { -%>
-access_provider = <%= $access_provider %>
-<% } -%>
-<% if $chpass_provider { -%>
-chpass_provider = <%= $chpass_provider %>
-<% } -%>
-<% if $sudo_provider { -%>
-sudo_provider = <%= $sudo_provider %>
-<% } -%>
-<% if $selinux_provider { -%>
-selinux_provider = <%= $selinux_provider %>
-<% } -%>
-<% if $subdomains_provider { -%>
-subdomains_provider = <%= $subdomains_provider %>
-<% } -%>
-<% if $autofs_provider { -%>
-autofs_provider = <%= $autofs_provider %>
-<% } -%>
-<% if $hostid_provider { -%>
-hostid_provider = <%= $hostid_provider %>
-<% } -%>
-<% if $re_expression { -%>
-re_expression = <%= $re_expression %>
-<% } -%>
-<% if $full_name_format { -%>
-full_name_format = <%= $full_name_format %>
-<% } -%>
-<% if $lookup_family_order { -%>
-lookup_family_order = <%= $lookup_family_order %>
-<% } -%>
-dns_resolver_timeout = <%= $dns_resolver_timeout %>
-<% if $dns_discovery_domain { -%>
-dns_discovery_domain = <%= $dns_discovery_domain %>
-<% } -%>
-<% if $override_gid { -%>
-override_gid = <%= $override_gid %>
-<% } -%>
-case_sensitive = <%= $case_sensitive %>
-proxy_fast_alias = <%= $proxy_fast_alias %>
-<% if $realmd_tags { -%>
-realmd_tags = <%= $realmd_tags %>
-<% } -%>
-<% if $ldap_user_search_filter { -%>
-ldap_user_search_filter = <%= $ldap_user_search_filter %>
-<% } -%>
-<% if $proxy_pam_target { -%>
-proxy_pam_target = <%= $proxy_pam_target %>
-<% } -%>
-<% if $proxy_lib_name { -%>
-proxy_lib_name = <%= $proxy_lib_name %>
-<% } -%>
-<% $custom_options.lest || { {} }.each |$opt, $value| { -%>
-<%= $opt %> = <%= $value %>
-<% } -%>
+<%= $content %>
