From 7ad2a10e1fd5f78a6632cf76c8def3ae4559677e Mon Sep 17 00:00:00 2001
From: Colleen Murphy <colleen@puppetlabs.com>
Date: Sun, 5 Apr 2015 22:36:07 -0700
Subject: [PATCH] Update ssh module version

The ssh module had an issue with hostkeys on RHEL systems prior to
version 2.4.0 that would cause puppet to error during a run: the
sshdsakey fact returns empty, so the exported dsa sshkey resource fails
due to an empty parameter[1]. The current dependency restricts the ssh
module to less than 2.0, which contains the bug.

Problematically, version 2.5.0 of the ssh module adds a change that is
incompatible with older 3.x versions of puppet [2], which breaks our tests.

This patch updates the ssh dependency to use full range of the next
major version in order to be as accomodating as possible. However, for
RHEL users to avoid the ssh key bug, they must use at least version
2.4.0. For users of older puppet versions to avoid the bad parameter
issue, they must use a version less than 2.5.0. The .fixtures.yml pins
to 2.4.0 for maximum compatibility. We could pin the dependency in the
metadata to exactly 2.4.0 as well, but since these are issues in the
ssh module, not swift's use of the ssh module, it is more appropriate
just to allow the newer version but not be too restrictive on the
version.

The ssh::server class has an API change between 1.x and 2.x, but the
new parameters (ensure, storeconfigs_enabled, and an options hash) have
acceptable defaults.

[1] https://github.com/saz/puppet-ssh/blob/v1.4.0/manifests/hostkeys.pp#L8
[2] https://github.com/saz/puppet-ssh/blob/v2.5.0/manifests/server/install.pp#L7

Change-Id: I30216b0336b5f1f1c65e711cb97654ef663ba01f
---
 .fixtures.yml | 4 +++-
 metadata.json | 2 +-
 2 files changed, 4 insertions(+), 2 deletions(-)

diff --git a/.fixtures.yml b/.fixtures.yml
index e503cd72..a6fa7709 100644
--- a/.fixtures.yml
+++ b/.fixtures.yml
@@ -7,7 +7,9 @@ fixtures:
     "memcached": "git://github.com/saz/puppet-memcached.git"
     "openstacklib": "git://github.com/stackforge/puppet-openstacklib.git"
     "rsync": "git://github.com/puppetlabs/puppetlabs-rsync.git"
-    "ssh": "git://github.com/saz/puppet-ssh.git"
+    "ssh":
+       repo: "git://github.com/saz/puppet-ssh.git"
+       ref: "v2.4.0"
     "stdlib": "git://github.com/puppetlabs/puppetlabs-stdlib.git"
     "xinetd": "git://github.com/puppetlabs/puppetlabs-xinetd.git"
   symlinks:
diff --git a/metadata.json b/metadata.json
index 6b188647..0dfd0e06 100644
--- a/metadata.json
+++ b/metadata.json
@@ -38,6 +38,6 @@
     { "name": "puppetlabs/xinetd", "version_requirement": ">=1.0.1 <2.0.0" },
     { "name": "puppetlabs/concat", "version_requirement": ">=1.0.0 <2.0.0" },
     { "name": "saz/memcached", "version_requirement": ">=2.0.2 <3.0.0" },
-    { "name": "saz/ssh", "version_requirement": ">=1.0.2 <2.0.0" }
+    { "name": "saz/ssh", "version_requirement": ">=2.0.0 <3.0.0" }
   ]
 }