Improve support for Foreman_proxy AD integration

manifests/config.pp

@@ -92,9 +92,13 @@
     feature   => 'Realm',
     listen_on => $::foreman_proxy::realm_listen_on,
   }
-  foreman_proxy::settings_file { 'realm_freeipa':
-    module => false,
+
+  if $foreman_proxy::realm_provider == 'freeipa' {
+    foreman_proxy::settings_file { 'realm_freeipa':
+      module => false,
+    }
   }
+
   foreman_proxy::settings_file { 'tftp':
     enabled   => $::foreman_proxy::tftp,
     feature   => 'TFTP',

manifests/init.pp

@@ -253,6 +253,8 @@
 #
 # $realm_principal::            Kerberos principal for realm updates
 #
+# $ad_config::                  Active Directory config to pass into plugin
+#
 # $freeipa_config::             Path to FreeIPA default.conf configuration file
 #
 # $freeipa_remove_dns::         Remove DNS entries from FreeIPA when deleting hosts from realm
@@ -415,9 +417,10 @@
   Enum['ipmitool', 'freeipmi', 'shell'] $bmc_default_provider = $::foreman_proxy::params::bmc_default_provider,
   Boolean $realm = $::foreman_proxy::params::realm,
   Foreman_proxy::ListenOn $realm_listen_on = $::foreman_proxy::params::realm_listen_on,
-  String $realm_provider = $::foreman_proxy::params::realm_provider,
+  Enum['freeipa', 'ad'] $realm_provider = $::foreman_proxy::params::realm_provider,
   Stdlib::Absolutepath $realm_keytab = $::foreman_proxy::params::realm_keytab,
   String $realm_principal = $::foreman_proxy::params::realm_principal,
+  Optional[Foreman_proxy::AdConfig] $ad_config = $::foreman_proxy::params::ad_config,
   Stdlib::Absolutepath $freeipa_config = $::foreman_proxy::params::freeipa_config,
   Boolean $freeipa_remove_dns = $::foreman_proxy::params::freeipa_remove_dns,
   Variant[Undef, String[0], Stdlib::Absolutepath] $keyfile = $::foreman_proxy::params::keyfile,
@@ -436,6 +439,18 @@
 
   $real_registered_proxy_url = pick($registered_proxy_url, "https://${::fqdn}:${ssl_port}")
 
+  if $realm_provider == 'ad' {
+    class { '::foreman_proxy::plugin::realm::ad':
+      realm                 => $ad_config['realm'],
+      domain_controller     => $ad_config['domain_controller'],
+      ou                    => $ad_config['ou'],
+      computername_prefix   => $ad_config['computername_prefix'],
+      computername_hash     => $ad_config['computername_hash'],
+      computername_use_fqdn => $ad_config['computername_use_fqdn'],
+      version               => $ad_config['version'],
+    }
+  }
+
   # lint:ignore:spaceship_operator_without_tag
   class { '::foreman_proxy::install': }
   ~> class { '::foreman_proxy::config': }

manifests/params.pp

@@ -348,6 +348,7 @@
   $realm_provider     = 'freeipa'
   $realm_keytab       = "${etc}/foreman-proxy/freeipa.keytab"
   $realm_principal    = '[email protected]'
+  $ad_config          = undef
   $freeipa_config     = '/etc/ipa/default.conf'
   $freeipa_remove_dns = true
 

spec/classes/foreman_proxy__spec.rb

@@ -5,11 +5,28 @@
     context "on #{os}" do
       let(:facts) { facts }
 
-      it 'should include classes' do
-        should contain_class('foreman_proxy::install')
-        should contain_class('foreman_proxy::config')
-        should contain_class('foreman_proxy::service')
-        should contain_class('foreman_proxy::register')
+      describe 'with defaults' do
+        it 'should include classes' do
+          should contain_class('foreman_proxy::install')
+          should contain_class('foreman_proxy::config')
+          should contain_class('foreman_proxy::service')
+          should contain_class('foreman_proxy::register')
+        end
+      end
+
+      describe 'with realm_provider => ad' do
+        let(:params) do
+          {
+            :realm_provider => 'ad',
+            :ad_config => {
+              'realm'             => 'EXAMPLE.COM',
+              'domain_controller' => 'dc.example.com'
+            }
+          }
+        end
+        it 'should include ad realm' do
+          should contain_class('foreman_proxy::plugin::realm::ad')
+        end
       end
     end
   end

types/adconfig.pp

@@ -0,0 +1,9 @@
+type Foreman_proxy::AdConfig = Struct[{
+  Optional[computername_hash]     => Boolean,
+  Optional[computername_prefix]   => String[1],
+  Optional[computername_use_fqdn] => Boolean,
+  domain_controller               => String[1],
+  Optional[ou]                    => String[1],
+  realm                           => String[1],
+  Optional[version]               => String[1]
+}]