# Class: profiles::puppet::enc
#
# This class manages a Git repository at /opt/puppetlabs/enc. It includes a 
# systemd service and timer to keep the repository updated every minute.
# The Git package is installed if not present, and the repository at the given 
# location will always reflect the state of the remote Git repository.
#
# Parameters:
# - enc_repo: The URL of the Git repository to clone.
#
# Actions:
# - Ensures the Git package is installed.
# - Ensures the /opt/puppetlabs/enc directory is a clone of the given Git repository.
# - Creates a helper script '/opt/puppetlabs/bin/git_update' for updating the Git repository.
# - Creates a systemd service and timer that runs the git update script every minute.
#
# Usage:
#   Directly include the class in your node definitions or classify your nodes 
#   using an ENC or Hiera.
#   Example:
#     node 'puppet.example.com' {
#       class { 'profiles::puppet::enc':
#         enc_repo => 'https://github.com/user/repo.git',
#       }
#     }
#
# Requirements:
# - The 'puppet-vcsrepo' module should be installed on your puppetmaster.
# - The 'puppet-systemd' module should be installed on your puppetmaster.
# - '/opt/puppetlabs/bin/' directory must exist and be writable.
# - Puppet master must have access to the specified Git URL.
#
# Limitations:
# This is designed to work on Unix-like systems only.
#
class profiles::puppet::enc (
  String $repo,
  String $release = 'master',
  Boolean $force = false,
) {

  vcsrepo { '/opt/puppetlabs/enc':
    ensure   => latest,
    provider => git,
    source   => $repo,
    revision => $release,
    force    => $force,
    require  => Package['git'],
  }

  file { '/opt/puppetlabs/bin/enc':
    ensure  => link,
    target  => '/opt/puppetlabs/enc/enc.py',
    require => Vcsrepo['/opt/puppetlabs/enc'],
  }

  file { '/opt/puppetlabs/bin/puppet-enc':
    ensure  => file,
    owner   => 'root',
    group   => 'root',
    mode    => '0755',
    content => "#!/bin/bash\n(
      cd /opt/puppetlabs/enc/
      git reset --hard master
      git clean -fd
      git pull\n)",
    require => Package['git'],
  }

  $_timer = @(EOT)
  [Unit]
  Description=puppet-enc downloader timer
  [Timer]
  OnCalendar=*:0/1
  RandomizedDelaySec=1s
  [Install]
  WantedBy=timers.target
  EOT

  $_service = @(EOT)
  [Unit]
  Description=puppet-enc downloader service
  [Service]
  Type=oneshot
  ExecStart=/opt/puppetlabs/bin/puppet-enc
  User=root
  Group=root
  PermissionsStartOnly=false
  PrivateTmp=no
  EOT

  systemd::timer { 'puppet-enc.timer':
    timer_content   => $_timer,
    service_content => $_service,
    active          => true,
    enable          => true,
    require         => File['/opt/puppetlabs/bin/puppet-enc'],
  }
}