Implement allowlist for puppet module content

This implements puppetlabs/puppet-specifications#157

* By default every file is ignored
* Only files from the official specification for puppet modules are
  added to the allowlist
* support for .pdkignore, .pmtignore and .gitignore is removed

Author: bastelfreak

.rubocop_todo.yml

@@ -1,6 +1,6 @@
 # This configuration was generated by
 # `rubocop --auto-gen-config`
-# on 2024-06-28 12:03:58 UTC using RuboCop version 1.64.1.
+# on 2024-07-05 11:25:28 UTC using RuboCop version 1.64.1.
 # The point is for the user to remove these configuration records
 # one by one as the offenses are removed from the code base.
 # Note that changes in the inspected code, or installation of new
@@ -11,7 +11,7 @@ Lint/MixedRegexpCaptureTypes:
   Exclude:
     - 'Gemfile'
 
-# Offense count: 4
+# Offense count: 2
 # Configuration parameters: Prefixes, AllowedPatterns.
 # Prefixes: when, with, without
 RSpec/ContextWording:
@@ -34,24 +34,24 @@ RSpec/MessageSpies:
 RSpec/MultipleExpectations:
   Max: 11
 
-# Offense count: 13
+# Offense count: 8
 # Configuration parameters: AllowSubject.
 RSpec/MultipleMemoizedHelpers:
   Max: 8
 
-# Offense count: 8
+# Offense count: 5
 # Configuration parameters: EnforcedStyle, IgnoreSharedExamples.
 # SupportedStyles: always, named_only
 RSpec/NamedSubject:
   Exclude:
     - 'spec/unit/puppet/modulebuilder/builder_spec.rb'
 
-# Offense count: 3
+# Offense count: 1
 # Configuration parameters: AllowedGroups.
 RSpec/NestedGroups:
-  Max: 5
+  Max: 4
 
-# Offense count: 32
+# Offense count: 28
 RSpec/SubjectStub:
   Exclude:
     - 'spec/unit/puppet/modulebuilder/builder_spec.rb'

lib/puppet/modulebuilder/builder.rb

@@ -5,15 +5,29 @@
 module Puppet::Modulebuilder
   # Class to build Puppet Modules from source
   class Builder
-    DEFAULT_IGNORED = [
+    # Due to the way how PathSpec generates the regular expression,
+    # `/*` doesn't match directories starting with a dot,
+    # so we need `/.*` as well.
+    IGNORED = [
+      '/**',
       '/.*',
-      '/pkg/',
-      '~*',
-      '/coverage',
-      '/checksums.json',
-      '/REVISION',
-      '/spec/fixtures/modules/',
-      '/vendor/',
+      '!/CHANGELOG*',
+      '!/LICENSE',
+      '!/README*',
+      '!/REFERENCE.md',
+      '!/bolt_plugin.json',
+      '!/data/**',
+      '!/docs/**',
+      '!/files/**',
+      '!/hiera.yaml',
+      '!/locales/**',
+      '!/manifests/**',
+      '!/metadata.json',
+      '!/plans/**',
+      '!/scripts/**',
+      '!/tasks/**',
+      '!/templates/**',
+      '!/types/**',
     ].freeze
 
     attr_reader :destination, :logger
@@ -168,21 +182,6 @@ def warn_symlink(path)
                          from: symlink_path.relative_path_from(module_path), to: symlink_path.realpath.relative_path_from(module_path))
     end
 
-    # Select the most appropriate ignore file in the module directory.
-    #
-    # In order of preference, we first try `.pdkignore`, then `.pmtignore`
-    # and finally `.gitignore`.
-    #
-    # @return [String] The path to the file containing the patterns of file
-    #   paths to ignore.
-    def ignore_file
-      @ignore_file ||= [
-        File.join(source, '.pdkignore'),
-        File.join(source, '.pmtignore'),
-        File.join(source, '.gitignore'),
-      ].find { |file| file_exists?(file) && file_readable?(file) }
-    end
-
     # Checks if the path contains any non-ASCII characters.
     #
     # Java will throw an error when it encounters a path containing
@@ -251,20 +250,10 @@ def build_package
     def ignored_files
       require 'pathspec'
 
-      @ignored_files ||=
-        begin
-          ignored = if ignore_file.nil?
-                      PathSpec.new
-                    else
-                      PathSpec.new(read_file(ignore_file, open_args: 'rb:UTF-8'))
-                    end
-
-          ignored = ignored.add("/#{File.basename(destination)}/") if File.realdirpath(destination).start_with?(File.realdirpath(source))
+      ignored = PathSpec.new(IGNORED)
+      ignored.add("/#{File.basename(destination)}/") if File.realdirpath(destination).start_with?(File.realdirpath(source))
 
-          DEFAULT_IGNORED.each { |r| ignored.add(r) }
-
-          ignored
-        end
+      ignored
     end
 
     # Create a temporary build directory where the files to be included in

spec/unit/puppet/modulebuilder/builder_spec.rb

@@ -300,64 +300,6 @@
     end
   end
 
-  describe '#ignore_file' do
-    subject { builder.ignore_file }
-
-    let(:module_source) { File.join(root_dir, 'tmp', 'my-module') }
-    let(:possible_files) do
-      [
-        '.pdkignore',
-        '.pmtignore',
-        '.gitignore',
-      ]
-    end
-    let(:available_files) { [] }
-
-    before do
-      available_files.each do |file|
-        file_path = File.join(module_source, file)
-
-        allow(builder).to receive(:file_exists?).with(file_path).and_return(true)
-        allow(builder).to receive(:file_readable?).with(file_path).and_return(true)
-      end
-
-      (possible_files - available_files).each do |file|
-        file_path = File.join(module_source, file)
-
-        allow(builder).to receive(:file_exists?).with(file_path).and_return(false)
-        allow(builder).to receive(:file_readable?).with(file_path).and_return(false)
-      end
-    end
-
-    context 'when none of the possible ignore files are present' do
-      it { is_expected.to be_nil }
-    end
-
-    context 'when .gitignore is present' do
-      let(:available_files) { ['.gitignore'] }
-
-      it 'returns the path to the .gitignore file' do
-        expect(subject).to eq(File.join(module_source, '.gitignore'))
-      end
-
-      context 'and .pmtignore is present' do
-        let(:available_files) { ['.gitignore', '.pmtignore'] }
-
-        it 'returns the path to the .pmtignore file' do
-          expect(subject).to eq(File.join(module_source, '.pmtignore'))
-        end
-
-        context 'and .pdkignore is present' do
-          let(:available_files) { possible_files }
-
-          it 'returns the path to the .pdkignore file' do
-            expect(subject).to eq(File.join(module_source, '.pdkignore'))
-          end
-        end
-      end
-    end
-  end
-
   describe '#ignored_files' do
     subject { builder.ignored_files }