Merge branch 'jenkins-build-25' into 'master'

Auto-merge for build 25

See merge request puppet/confdroid_ssh!25

.puppet-lint.rc

@@ -1,3 +0,0 @@
---no-variable_scope-check
---no-top_scope_facts
---no-140chars-check

Jenkinsfile

@@ -1,129 +0,0 @@
-pipeline {
-    agent {
-      label 'puppet'
-    }
-
-    post {
-        always {
-            deleteDir() /* clean up our workspace */
-        }
-        success {
-            updateGitlabCommitStatus state: 'success'
-        }
-        failure {
-            updateGitlabCommitStatus state: 'failed'
-            step([$class: 'Mailer', notifyEveryUnstableBuild: true, recipients: 'support@confdroid.com', sendToIndividuals: true])
-        }
-    }
-
-    options {
-          gitLabConnection('gitlab.confdroid.com')
-    }
-
-    stages {
-
-      stage('pull master') {
-        steps {
-          sshagent(['edd05eb6-26b5-4c7b-a5cc-ea2ab899f4fa']) {
-            sh '''
-                git config user.name "Jenkins Server"
-                git config user.email jenkins@confdroid.com
-                # Ensure we're on the development branch (triggered by push)
-                git checkout development
-                # Create jenkins branch from development
-                git checkout -b jenkins-build-$BUILD_NUMBER
-                # Optionally merge master into jenkins to ensure compatibility
-                git merge origin/master --no-ff || { echo "Merge conflict detected"; exit 1; }
-            '''
-        }
-      }
-    }
-
-      stage('puppet parser') {
-        steps {
-          sh '''for file in $(find . -iname \'*.pp\'); do
-            /opt/puppetlabs/bin/puppet parser validate --color false --render-as s --modulepath=modules $file || exit 1;
-            done;'''
-          }
-        }
-
-      stage('check templates') {
-        steps{
-          sh '''for file in $(find . -iname \'*.erb\');
-            do erb -P -x -T "-" $file | ruby -c || exit 1;
-            done;'''
-        }
-      }
-
-      stage('puppet-lint') {
-        steps {
-          sh '''/usr/local/bin/puppet-lint . \\
-                --no-variable_scope-check \\
-                || { echo "Puppet lint failed"; exit 1; }
-            '''
-          }
-        }
-
-      stage('SonarScan') {
-         steps {
-            withCredentials([string(credentialsId: 'sonar-token', variable: 'SONAR_TOKEN')]) {
-              sh '''
-              /opt/sonar-scanner/bin/sonar-scanner \
-                -Dsonar.projectKey=confdroid_ssh \
-                -Dsonar.sources=. \
-                -Dsonar.host.url=https://sonarqube.confdroid.com \
-                -Dsonar.token=$SONAR_TOKEN
-                '''
-              }
-            }
-          }
-
-      stage('create Puppet documentation') {
-        steps {
-          sh '/opt/puppetlabs/bin/puppet strings'
-        }
-      }
-
-      stage('update repo') {
-        steps {
-          sshagent(['edd05eb6-26b5-4c7b-a5cc-ea2ab899f4fa']) {
-            sh '''
-                git config user.name "Jenkins Server"
-                git config user.email jenkins@confdroid.com
-                git add -A && git commit -am "Recommit for updates in build $BUILD_NUMBER" || echo "No changes to commit"
-                git push -o merge_request.create \
-                         -o merge_request.target=master \
-                         -o merge_request.title="Auto-merge for build $BUILD_NUMBER" \
-                         -o merge_request.description="Automated changes from Jenkins build $BUILD_NUMBER" \
-                         -o merge_request.merge_when_pipeline_succeeds=true \
-                         origin jenkins-build-$BUILD_NUMBER
-            '''
-        }
-      }
-    }
-      stage('Mirror to Gitea') {
-        steps {
-          withCredentials([usernamePassword(
-            credentialsId: 'Jenkins-gitea',
-            usernameVariable: 'GITEA_USER',
-            passwordVariable: 'GITEA_TOKEN')]) {
-            script {
-              // Checkout from GitLab (already done implicitly)
-                sh '''
-                  git checkout master
-                  git pull origin master
-                  git branch -D development
-                  git branch -D jenkins-build-$BUILD_NUMBER
-                  git rm -f Jenkinsfile
-                  git rm -r --cached .vscode || echo "No .vscode to remove from git"
-                  git commit --amend --no-edit --allow-empty
-                  git remote add master https://sourcecode.confdroid.com/confdroid/confdroid_ssh.git
-                  git -c credential.helper="!f() { echo username=${GITEA_USER}; echo password=${GITEA_TOKEN}; }; f" \
-                  push master --mirror
-                  '''
-          }
-        }
-      }
-    }
-  }
-}

doc/puppet_classes/confdroid_ssh_3A_3Aparams.html

@@ -1150,6 +1150,24 @@
         —
         <div class='inline'>
 <p>setting for sshd_config. Default is ‘none’, which means that no version addendum will be included in the SSH banner, but can be set to a custom string if you want to include additional information in the SSH version banner. This can be used for branding purposes, but should be used with caution as it can potentially leak information about the server that could be useful to attackers.</p>
+</div>
+      
+    </li>
+  
+    <li>
+      
+        <span class='name'>ssh_banner</span>
+      
+      
+        <span class='type'>(<tt>String</tt>)</span>
+      
+      
+        <em class="default">(defaults to: <tt>&#39;none&#39;</tt>)</em>
+      
+      
+        &mdash;
+        <div class='inline'>
+<p>setting for sshd_config. Default is ‘none’, which means that no banner will be displayed to users when they connect, but can be set to a valid file path if you want to display a custom banner message to users when they connect. This can be used to display legal notices, security warnings, or other information to users when they connect to the SSH server.</p>
 </div>
       
     </li>
@@ -1165,12 +1183,6 @@
         <pre class="lines">
 
 
-188
-189
-190
-191
-192
-193
 194
 195
 196
@@ -1250,10 +1262,17 @@
 270
 271
 272
-273</pre>
+273
+274
+275
+276
+277
+278
+279
+280</pre>
       </td>
       <td>
-        <pre class="code"><span class="info file"># File 'manifests/params.pp', line 188</span>
+        <pre class="code"><span class="info file"># File 'manifests/params.pp', line 194</span>
 
 class confdroid_ssh::params (
 
@@ -1319,6 +1338,7 @@ class confdroid_ssh::params (
   String  $ssh_permit_tunnel                = &#39;no&#39;,
   String  $ssh_chroot_directory             = &#39;none&#39;,
   String  $ssh_version_addendum             = &#39;none&#39;,
+  String  $ssh_banner                       = &#39;none&#39;,
 
 ) {
 # default facts

manifests/params.pp

@@ -184,6 +184,12 @@
 #   additional information in the SSH version banner. This can be used for
 #   branding purposes, but should be used with caution as it can potentially
 #   leak information about the server that could be useful to attackers.
+# @param [String] ssh_banner setting for sshd_config.
+#   Default is 'none', which means that no banner will be displayed to users
+#   when they connect, but can be set to a valid file path if you want to
+#   display a custom banner message to users when they connect. This can be used
+#   to display legal notices, security warnings, or other information to users when
+#   they connect to the SSH server.
 ##############################################################################
 class confdroid_ssh::params (
 
@@ -249,6 +255,7 @@ class confdroid_ssh::params (
   String  $ssh_permit_tunnel                = 'no',
   String  $ssh_chroot_directory             = 'none',
   String  $ssh_version_addendum             = 'none',
+  String  $ssh_banner                       = 'none',
 
 ) {
 # default facts

templates/sshd_custom_conf.erb

@@ -68,3 +68,5 @@ MaxStartups <%= @ssh_max_startups %>
 PermitTunnel <%= @ssh_permit_tunnel %>
 ChrootDirectory <%= @ssh_chroot_directory %>
 VersionAddendum <%= @ssh_version_addendum %>
+
+Banner <%= @ssh_banner %>