chore(gemfile.lock): update to latest gem versions (2022-W28) [skip ci]

* Automated using https://github.com/myii/ssf-formula/pull/454
chore(gemfile.lock): update to latest gem versions (2022-W26) [skip ci]
2022-07-17 19:46:45 +01:00 · 2022-06-30 23:08:00 +01:00 · 2022-06-15 23:05:09 +01:00 · 2022-06-09 00:04:02 +01:00 · 2022-06-07 23:29:58 +01:00 · 2022-05-30 17:27:47 +01:00
53 changed files with 4854 additions and 690 deletions
--- a/.github/workflows/kitchen.vagrant.yml
+++ b/.github/workflows/kitchen.vagrant.yml
@ -0,0 +1,37 @@
+# -*- coding: utf-8 -*-
+# vim: ft=yaml
+---
+name: 'Kitchen Vagrant (FreeBSD & OpenBSD)'
+'on': ['push', 'pull_request']
+
+env:
+  KITCHEN_LOCAL_YAML: 'kitchen.vagrant.yml'
+
+jobs:
+  test:
+    runs-on: 'macos-10.15'
+    strategy:
+      fail-fast: false
+      matrix:
+        instance:
+          - default-freebsd-130-master-py3
+          - default-freebsd-123-master-py3
+          # - default-freebsd-130-3004-0-py3
+          # - default-freebsd-123-3004-0-py3
+          - default-openbsd-70-3003-3-py3
+    steps:
+      - name: 'Check out code'
+        uses: 'actions/checkout@v2'
+      - name: 'Set up Bundler cache'
+        uses: 'actions/cache@v1'
+        with:
+          path: 'vendor/bundle'
+          key: "${{ runner.os }}-gems-${{ hashFiles('**/Gemfile.lock') }}"
+          restore-keys: "${{ runner.os }}-gems-"
+      - name: 'Run Bundler'
+        run: |
+          ruby --version
+          bundle config path vendor/bundle
+          bundle install --jobs 4 --retry 3
+      - name: 'Run Test Kitchen'
+        run: 'bundle exec kitchen verify ${{ matrix.instance }}'
--- a/.gitignore
+++ b/.gitignore
@ -91,6 +91,9 @@ celerybeat-schedule
 venv/
 ENV/

+# visual studio
+.vs/
+
 # Spyder project settings
 .spyderproject
 .spyproject
@ -120,3 +123,12 @@ docs/*.md
 Dockerfile.*_*
 ignore/
 tmp/
+
+# `salt-formula` -- Vagrant Specific files
+.vagrant
+top.sls
+!test/salt/pillar/top.sls
+
+# `suricata-formula` -- Platform binaries
+*.rpm
+*.deb
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@ -46,7 +46,7 @@ variables:
  DOCKER_DRIVER: 'overlay2'

 ###############################################################################
-# `lint` stage: `commitlint` & `pre-commit`
+# `lint` stage: `commitlint`, `pre-commit` & `rubocop` (latest, failure allowed)
 ###############################################################################
 commitlint:
  stage: *stage_lint
@ -102,7 +102,7 @@ rubocop:
 ###############################################################################
 # Define `test` template
 ###############################################################################
-.test_instance:
+.test_instance: &test_instance
  stage: *stage_test
  image: *image_dindruby
  services: *services_docker_dind
@ -117,43 +117,84 @@ rubocop:
    # Alternative value to consider: `${CI_JOB_NAME}`
    - 'bin/kitchen verify "${DOCKER_ENV_CI_JOB_NAME}"'

+###############################################################################
+# Define `test` template (`allow_failure: true`)
+###############################################################################
+.test_instance_failure_permitted:
+  <<: *test_instance
+  allow_failure: true
+
 ###############################################################################
 # `test` stage: each instance below uses the `test` template above
 ###############################################################################
 ## Define the rest of the matrix based on Kitchen testing
 # Make sure the instances listed below match up with
 # the `platforms` defined in `kitchen.yml`
+# yamllint disable rule:line-length
+# default-debian-11-tiamat-py3: {extends: '.test_instance'}
+# default-debian-10-tiamat-py3: {extends: '.test_instance'}
+# default-debian-9-tiamat-py3: {extends: '.test_instance'}
+# default-ubuntu-2204-tiamat-py3: {extends: '.test_instance_failure_permitted'}
+# default-ubuntu-2004-tiamat-py3: {extends: '.test_instance'}
+# default-ubuntu-1804-tiamat-py3: {extends: '.test_instance'}
+# default-centos-stream8-tiamat-py3: {extends: '.test_instance_failure_permitted'}
+# default-centos-7-tiamat-py3: {extends: '.test_instance'}
+# default-amazonlinux-2-tiamat-py3: {extends: '.test_instance'}
+# default-oraclelinux-8-tiamat-py3: {extends: '.test_instance'}
+# default-oraclelinux-7-tiamat-py3: {extends: '.test_instance'}
+# default-almalinux-8-tiamat-py3: {extends: '.test_instance'}
+# default-rockylinux-8-tiamat-py3: {extends: '.test_instance'}
+default-debian-11-master-py3: {extends: '.test_instance'}
 default-debian-10-master-py3: {extends: '.test_instance'}
+default-debian-9-master-py3: {extends: '.test_instance'}
+default-ubuntu-2204-master-py3: {extends: '.test_instance_failure_permitted'}
 default-ubuntu-2004-master-py3: {extends: '.test_instance'}
-# default-ubuntu-1804-master-py3: {extends: '.test_instance'}
-default-centos-8-master-py3: {extends: '.test_instance'}
-default-fedora-32-master-py3: {extends: '.test_instance'}
-# default-fedora-31-master-py3: {extends: '.test_instance'}
-default-opensuse-leap-152-master-py3: {extends: '.test_instance'}
+default-ubuntu-1804-master-py3: {extends: '.test_instance'}
+default-centos-stream8-master-py3: {extends: '.test_instance_failure_permitted'}
+default-centos-7-master-py3: {extends: '.test_instance'}
+default-fedora-36-master-py3: {extends: '.test_instance_failure_permitted'}
+default-fedora-35-master-py3: {extends: '.test_instance'}
+default-opensuse-leap-153-master-py3: {extends: '.test_instance'}
+default-opensuse-tmbl-latest-master-py3: {extends: '.test_instance_failure_permitted'}
 default-amazonlinux-2-master-py3: {extends: '.test_instance'}
-# default-debian-10-3000-3-py3: {extends: '.test_instance'}
-# default-debian-9-3000-3-py3: {extends: '.test_instance'}
-# default-ubuntu-1804-3000-3-py3: {extends: '.test_instance'}
-# default-centos-8-3000-3-py3: {extends: '.test_instance'}
-# default-centos-7-3000-3-py3: {extends: '.test_instance'}
-# default-fedora-31-3000-3-py3: {extends: '.test_instance'}
-# default-opensuse-leap-152-3000-3-py3: {extends: '.test_instance'}
-# default-amazonlinux-2-3000-3-py3: {extends: '.test_instance'}
-# default-ubuntu-1804-3000-3-py2: {extends: '.test_instance'}
-# default-ubuntu-1604-3000-3-py2: {extends: '.test_instance'}
-# default-arch-base-latest-3000-3-py2: {extends: '.test_instance'}
-# default-debian-10-2019-2-py3: {extends: '.test_instance'}
-# default-debian-9-2019-2-py3: {extends: '.test_instance'}
-# default-ubuntu-1804-2019-2-py3: {extends: '.test_instance'}
-# default-ubuntu-1604-2019-2-py3: {extends: '.test_instance'}
-# default-centos-8-2019-2-py3: {extends: '.test_instance'}
-# default-centos-7-2019-2-py3: {extends: '.test_instance'}
-# default-fedora-31-2019-2-py3: {extends: '.test_instance'}
-# default-opensuse-leap-152-2019-2-py3: {extends: '.test_instance'}
-# default-amazonlinux-2-2019-2-py3: {extends: '.test_instance'}
-# default-centos-6-2019-2-py2: {extends: '.test_instance'}
-# default-amazonlinux-1-2019-2-py2: {extends: '.test_instance'}
-default-arch-base-latest-2019-2-py2: {extends: '.test_instance'}
+default-oraclelinux-8-master-py3: {extends: '.test_instance'}
+default-oraclelinux-7-master-py3: {extends: '.test_instance'}
+default-arch-base-latest-master-py3: {extends: '.test_instance'}
+default-gentoo-stage3-latest-master-py3: {extends: '.test_instance'}
+default-gentoo-stage3-systemd-master-py3: {extends: '.test_instance'}
+default-almalinux-8-master-py3: {extends: '.test_instance'}
+default-rockylinux-8-master-py3: {extends: '.test_instance'}
+# default-debian-11-3004-1-py3: {extends: '.test_instance'}
+# default-debian-10-3004-1-py3: {extends: '.test_instance'}
+# default-debian-9-3004-1-py3: {extends: '.test_instance'}
+# default-ubuntu-2204-3004-1-py3: {extends: '.test_instance_failure_permitted'}
+# default-ubuntu-2004-3004-1-py3: {extends: '.test_instance'}
+# default-ubuntu-1804-3004-1-py3: {extends: '.test_instance'}
+# default-centos-stream8-3004-1-py3: {extends: '.test_instance_failure_permitted'}
+# default-centos-7-3004-1-py3: {extends: '.test_instance'}
+# default-fedora-36-3004-1-py3: {extends: '.test_instance_failure_permitted'}
+# default-fedora-35-3004-1-py3: {extends: '.test_instance'}
+# default-amazonlinux-2-3004-1-py3: {extends: '.test_instance'}
+# default-oraclelinux-8-3004-1-py3: {extends: '.test_instance'}
+# default-oraclelinux-7-3004-1-py3: {extends: '.test_instance'}
+# default-arch-base-latest-3004-1-py3: {extends: '.test_instance'}
+# default-gentoo-stage3-latest-3004-1-py3: {extends: '.test_instance'}
+# default-gentoo-stage3-systemd-3004-1-py3: {extends: '.test_instance'}
+# default-almalinux-8-3004-1-py3: {extends: '.test_instance'}
+# default-rockylinux-8-3004-1-py3: {extends: '.test_instance'}
+# default-opensuse-leap-153-3004-0-py3: {extends: '.test_instance'}
+# default-opensuse-tmbl-latest-3004-0-py3: {extends: '.test_instance_failure_permitted'}
+# default-debian-10-3003-4-py3: {extends: '.test_instance'}
+# default-debian-9-3003-4-py3: {extends: '.test_instance'}
+# default-ubuntu-2004-3003-4-py3: {extends: '.test_instance'}
+# default-ubuntu-1804-3003-4-py3: {extends: '.test_instance'}
+# default-centos-stream8-3003-4-py3: {extends: '.test_instance_failure_permitted'}
+# default-centos-7-3003-4-py3: {extends: '.test_instance'}
+# default-amazonlinux-2-3003-4-py3: {extends: '.test_instance'}
+# default-oraclelinux-8-3003-4-py3: {extends: '.test_instance'}
+# default-oraclelinux-7-3003-4-py3: {extends: '.test_instance'}
+# default-almalinux-8-3003-4-py3: {extends: '.test_instance'}
+# yamllint enable rule:line-length

 ###############################################################################
 # `release` stage: `semantic-release`
--- a/.pre-commit-config.yaml
+++ b/.pre-commit-config.yaml
@ -3,6 +3,18 @@
 ---
 # See https://pre-commit.com for more information
 # See https://pre-commit.com/hooks.html for more hooks
+ci:
+  autofix_commit_msg: |
+    ci(pre-commit.ci): apply auto fixes from pre-commit.com hooks
+
+    For more information, see https://pre-commit.ci
+  autofix_prs: true
+  autoupdate_branch: ''
+  autoupdate_commit_msg: |
+    ci(pre-commit.ci): perform `pre-commit` autoupdate
+  autoupdate_schedule: quarterly
+  skip: []
+  submodules: false
 default_stages: [commit]
 repos:
  - repo: https://github.com/dafyddj/commitlint-pre-commit-hook
@ -17,24 +29,23 @@ repos:
        stages: [manual]
        additional_dependencies: ['@commitlint/config-conventional@8.3.4']
        always_run: true
-  - repo: https://github.com/adithyabsk/mirrors-rubocop
-    rev: v0.91.0
+  - repo: https://github.com/rubocop-hq/rubocop
+    rev: v1.30.1
    hooks:
      - id: rubocop
        name: Check Ruby files with rubocop
        args: [--debug]
        always_run: true
        pass_filenames: false
-  - repo: https://github.com/jumanjihouse/pre-commit-hooks
-    rev: 2.1.3
+  - repo: https://github.com/shellcheck-py/shellcheck-py
+    rev: v0.8.0.4
    hooks:
      - id: shellcheck
        name: Check shell scripts with shellcheck
        files: ^.*\.(sh|bash|ksh)$
        types: []
-        args: []
-  - repo: https://github.com/adrienverge/yamllint.git
-    rev: v1.23.0
+  - repo: https://github.com/adrienverge/yamllint
+    rev: v1.26.3
    hooks:
      - id: yamllint
        name: Check YAML syntax with yamllint
@ -42,7 +53,7 @@ repos:
        always_run: true
        pass_filenames: false
  - repo: https://github.com/warpnet/salt-lint
-    rev: v0.3.0
+    rev: v0.8.0
    hooks:
      - id: salt-lint
        name: Check Salt files using salt-lint
@ -53,4 +64,14 @@ repos:
      - id: rstcheck
        name: Check reST files using rstcheck
        exclude: 'docs/CHANGELOG.rst'
-        args: [--report=warning]
+  - repo: https://github.com/saltstack-formulas/mirrors-rst-lint
+    rev: v1.3.2
+    hooks:
+      - id: rst-lint
+        name: Check reST files using rst-lint
+        exclude: |
+            (?x)^(
+                docs/CHANGELOG.rst|
+                docs/TOFS_pattern.rst|
+            )$
+        additional_dependencies: [pygments==2.9.0]
--- a/.rstcheck.cfg
+++ b/.rstcheck.cfg
@ -1,3 +1,4 @@
 [rstcheck]
-report=error
+report=info
 ignore_language=rst
+ignore_messages=(Duplicate (ex|im)plicit target.*|Hyperlink target ".*" is not referenced\.$)
--- a/.rubocop.yml
+++ b/.rubocop.yml
@ -7,10 +7,17 @@ Layout/LineLength:
  # Based on https://github.com/PyCQA/flake8-bugbear#opinionated-warnings (`B950`)
  Max: 88
 Metrics/BlockLength:
-  ExcludedMethods:
+  IgnoredMethods:
    - control
    - describe
  # Increase from default of `25`
  Max: 30
+Security/YAMLLoad:
+  Exclude:
+    - test/integration/**/_mapdata.rb
+
+# General settings across all cops in this formula
+AllCops:
+  NewCops: enable

 # Any offenses that should be fixed, e.g. collected via. `rubocop --auto-gen-config`
--- a/.travis.yml
+++ b/.travis.yml
@ -83,37 +83,69 @@ jobs:
    ## Define the rest of the matrix based on Kitchen testing
    # Make sure the instances listed below match up with
    # the `platforms` defined in `kitchen.yml`
+    # - env: INSTANCE=default-debian-11-tiamat-py3
+    # - env: INSTANCE=default-debian-10-tiamat-py3
+    # - env: INSTANCE=default-debian-9-tiamat-py3
+    # - env: INSTANCE=default-ubuntu-2204-tiamat-py3
+    # - env: INSTANCE=default-ubuntu-2004-tiamat-py3
+    # - env: INSTANCE=default-ubuntu-1804-tiamat-py3
+    # - env: INSTANCE=default-centos-stream8-tiamat-py3
+    # - env: INSTANCE=default-centos-7-tiamat-py3
+    # - env: INSTANCE=default-amazonlinux-2-tiamat-py3
+    # - env: INSTANCE=default-oraclelinux-8-tiamat-py3
+    # - env: INSTANCE=default-oraclelinux-7-tiamat-py3
+    # - env: INSTANCE=default-almalinux-8-tiamat-py3
+    # - env: INSTANCE=default-rockylinux-8-tiamat-py3
+    - env: INSTANCE=default-debian-11-master-py3
    - env: INSTANCE=default-debian-10-master-py3
+    - env: INSTANCE=default-debian-9-master-py3
+    - env: INSTANCE=default-ubuntu-2204-master-py3
    - env: INSTANCE=default-ubuntu-2004-master-py3
-    # - env: INSTANCE=default-ubuntu-1804-master-py3
-    - env: INSTANCE=default-centos-8-master-py3
-    - env: INSTANCE=default-fedora-32-master-py3
-    # - env: INSTANCE=default-fedora-31-master-py3
-    - env: INSTANCE=default-opensuse-leap-152-master-py3
+    - env: INSTANCE=default-ubuntu-1804-master-py3
+    - env: INSTANCE=default-centos-stream8-master-py3
+    - env: INSTANCE=default-centos-7-master-py3
+    - env: INSTANCE=default-fedora-36-master-py3
+    - env: INSTANCE=default-fedora-35-master-py3
+    - env: INSTANCE=default-opensuse-leap-153-master-py3
+    - env: INSTANCE=default-opensuse-tmbl-latest-master-py3
    - env: INSTANCE=default-amazonlinux-2-master-py3
-    # - env: INSTANCE=default-debian-10-3000-3-py3
-    # - env: INSTANCE=default-debian-9-3000-3-py3
-    # - env: INSTANCE=default-ubuntu-1804-3000-3-py3
-    # - env: INSTANCE=default-centos-8-3000-3-py3
-    # - env: INSTANCE=default-centos-7-3000-3-py3
-    # - env: INSTANCE=default-fedora-31-3000-3-py3
-    # - env: INSTANCE=default-opensuse-leap-152-3000-3-py3
-    # - env: INSTANCE=default-amazonlinux-2-3000-3-py3
-    # - env: INSTANCE=default-ubuntu-1804-3000-3-py2
-    # - env: INSTANCE=default-ubuntu-1604-3000-3-py2
-    # - env: INSTANCE=default-arch-base-latest-3000-3-py2
-    # - env: INSTANCE=default-debian-10-2019-2-py3
-    # - env: INSTANCE=default-debian-9-2019-2-py3
-    # - env: INSTANCE=default-ubuntu-1804-2019-2-py3
-    # - env: INSTANCE=default-ubuntu-1604-2019-2-py3
-    # - env: INSTANCE=default-centos-8-2019-2-py3
-    # - env: INSTANCE=default-centos-7-2019-2-py3
-    # - env: INSTANCE=default-fedora-31-2019-2-py3
-    # - env: INSTANCE=default-opensuse-leap-152-2019-2-py3
-    # - env: INSTANCE=default-amazonlinux-2-2019-2-py3
-    # - env: INSTANCE=default-centos-6-2019-2-py2
-    # - env: INSTANCE=default-amazonlinux-1-2019-2-py2
-    - env: INSTANCE=default-arch-base-latest-2019-2-py2
+    - env: INSTANCE=default-oraclelinux-8-master-py3
+    - env: INSTANCE=default-oraclelinux-7-master-py3
+    - env: INSTANCE=default-arch-base-latest-master-py3
+    - env: INSTANCE=default-gentoo-stage3-latest-master-py3
+    - env: INSTANCE=default-gentoo-stage3-systemd-master-py3
+    - env: INSTANCE=default-almalinux-8-master-py3
+    - env: INSTANCE=default-rockylinux-8-master-py3
+    # - env: INSTANCE=default-debian-11-3004-1-py3
+    # - env: INSTANCE=default-debian-10-3004-1-py3
+    # - env: INSTANCE=default-debian-9-3004-1-py3
+    # - env: INSTANCE=default-ubuntu-2204-3004-1-py3
+    # - env: INSTANCE=default-ubuntu-2004-3004-1-py3
+    # - env: INSTANCE=default-ubuntu-1804-3004-1-py3
+    # - env: INSTANCE=default-centos-stream8-3004-1-py3
+    # - env: INSTANCE=default-centos-7-3004-1-py3
+    # - env: INSTANCE=default-fedora-36-3004-1-py3
+    # - env: INSTANCE=default-fedora-35-3004-1-py3
+    # - env: INSTANCE=default-amazonlinux-2-3004-1-py3
+    # - env: INSTANCE=default-oraclelinux-8-3004-1-py3
+    # - env: INSTANCE=default-oraclelinux-7-3004-1-py3
+    # - env: INSTANCE=default-arch-base-latest-3004-1-py3
+    # - env: INSTANCE=default-gentoo-stage3-latest-3004-1-py3
+    # - env: INSTANCE=default-gentoo-stage3-systemd-3004-1-py3
+    # - env: INSTANCE=default-almalinux-8-3004-1-py3
+    # - env: INSTANCE=default-rockylinux-8-3004-1-py3
+    # - env: INSTANCE=default-opensuse-leap-153-3004-0-py3
+    # - env: INSTANCE=default-opensuse-tmbl-latest-3004-0-py3
+    # - env: INSTANCE=default-debian-10-3003-4-py3
+    # - env: INSTANCE=default-debian-9-3003-4-py3
+    # - env: INSTANCE=default-ubuntu-2004-3003-4-py3
+    # - env: INSTANCE=default-ubuntu-1804-3003-4-py3
+    # - env: INSTANCE=default-centos-stream8-3003-4-py3
+    # - env: INSTANCE=default-centos-7-3003-4-py3
+    # - env: INSTANCE=default-amazonlinux-2-3003-4-py3
+    # - env: INSTANCE=default-oraclelinux-8-3003-4-py3
+    # - env: INSTANCE=default-oraclelinux-7-3003-4-py3
+    # - env: INSTANCE=default-almalinux-8-3003-4-py3

    ## Define the release stage that runs `semantic-release`
    - stage: 'release'
--- a/.yamllint
+++ b/.yamllint
@ -2,17 +2,25 @@
 # vim: ft=yaml
 ---
 # Extend the `default` configuration provided by `yamllint`
-extends: default
+extends: 'default'

 # Files to ignore completely
-# 1. All YAML files under directory `node_modules/`, introduced during the Travis run
-# 2. Any SLS files under directory `test/`, which are actually state files
-# 3. Any YAML files under directory `.kitchen/`, introduced during local testing
+# 1. All YAML files under directory `.bundle/`, introduced if gems are installed locally
+# 2. All YAML files under directory `.cache/`, introduced during the CI run
+# 3. All YAML files under directory `.git/`
+# 4. All YAML files under directory `node_modules/`, introduced during the CI run
+# 5. Any SLS files under directory `test/`, which are actually state files
+# 6. Any YAML files under directory `.kitchen/`, introduced during local testing
+# 7. `kitchen.vagrant.yml`, which contains Embedded Ruby (ERB) template syntax
 ignore: |
+  .bundle/
  .cache/
+  .git/
  node_modules/
  test/**/states/**/*.sls
  .kitchen/
+  kitchen.vagrant.yml
+  test/salt/pillar/default.sls

 yaml-files:
  # Default settings
--- a/AUTHORS.md
+++ b/AUTHORS.md
@ -4,78 +4,79 @@ This list is sorted by the number of commits per contributor in _descending_ ord

 Avatar|Contributor|Contributions
 :-:|---|:-:
-<img class='float-left rounded-1' src='https://avatars2.githubusercontent.com/u/10231489?v=4' width='36' height='36' alt='@myii'>|[@myii](https://github.com/myii)|89
-<img class='float-left rounded-1' src='https://avatars0.githubusercontent.com/u/1920805?v=4' width='36' height='36' alt='@alxwr'>|[@alxwr](https://github.com/alxwr)|38
-<img class='float-left rounded-1' src='https://avatars0.githubusercontent.com/u/1233212?v=4' width='36' height='36' alt='@baby-gnu'>|[@baby-gnu](https://github.com/baby-gnu)|31
-<img class='float-left rounded-1' src='https://avatars2.githubusercontent.com/u/1396878?v=4' width='36' height='36' alt='@gravyboat'>|[@gravyboat](https://github.com/gravyboat)|28
-<img class='float-left rounded-1' src='https://avatars0.githubusercontent.com/u/1800660?v=4' width='36' height='36' alt='@aboe76'>|[@aboe76](https://github.com/aboe76)|25
-<img class='float-left rounded-1' src='https://avatars0.githubusercontent.com/u/3374962?v=4' width='36' height='36' alt='@nmadhok'>|[@nmadhok](https://github.com/nmadhok)|15
-<img class='float-left rounded-1' src='https://avatars2.githubusercontent.com/u/91293?v=4' width='36' height='36' alt='@whiteinge'>|[@whiteinge](https://github.com/whiteinge)|9
-<img class='float-left rounded-1' src='https://avatars1.githubusercontent.com/u/8029478?v=4' width='36' height='36' alt='@rfairburn'>|[@rfairburn](https://github.com/rfairburn)|8
-<img class='float-left rounded-1' src='https://avatars0.githubusercontent.com/u/6018668?v=4' width='36' height='36' alt='@amendlik'>|[@amendlik](https://github.com/amendlik)|8
-<img class='float-left rounded-1' src='https://avatars2.githubusercontent.com/u/941928?v=4' width='36' height='36' alt='@amontalban'>|[@amontalban](https://github.com/amontalban)|7
-<img class='float-left rounded-1' src='https://avatars2.githubusercontent.com/u/242396?v=4' width='36' height='36' alt='@javierbertoli'>|[@javierbertoli](https://github.com/javierbertoli)|7
-<img class='float-left rounded-1' src='https://avatars3.githubusercontent.com/u/897349?v=4' width='36' height='36' alt='@kennydo'>|[@kennydo](https://github.com/kennydo)|7
-<img class='float-left rounded-1' src='https://avatars0.githubusercontent.com/u/17393048?v=4' width='36' height='36' alt='@ek9'>|[@ek9](https://github.com/ek9)|7
-<img class='float-left rounded-1' src='https://avatars3.githubusercontent.com/u/6215293?v=4' width='36' height='36' alt='@0xf10e'>|[@0xf10e](https://github.com/0xf10e)|7
-<img class='float-left rounded-1' src='https://avatars2.githubusercontent.com/u/642259?v=4' width='36' height='36' alt='@pepoluan'>|[@pepoluan](https://github.com/pepoluan)|5
-<img class='float-left rounded-1' src='https://avatars1.githubusercontent.com/u/10227523?v=4' width='36' height='36' alt='@llua'>|[@llua](https://github.com/llua)|5
-<img class='float-left rounded-1' src='https://avatars1.githubusercontent.com/u/528061?v=4' width='36' height='36' alt='@puneetk'>|[@puneetk](https://github.com/puneetk)|5
-<img class='float-left rounded-1' src='https://avatars1.githubusercontent.com/u/3375654?v=4' width='36' height='36' alt='@nterupt'>|[@nterupt](https://github.com/nterupt)|4
-<img class='float-left rounded-1' src='https://avatars3.githubusercontent.com/u/10141454?v=4' width='36' height='36' alt='@mathieupotier'>|[@mathieupotier](https://github.com/mathieupotier)|4
-<img class='float-left rounded-1' src='https://avatars2.githubusercontent.com/u/1079875?v=4' width='36' height='36' alt='@bogdanr'>|[@bogdanr](https://github.com/bogdanr)|3
-<img class='float-left rounded-1' src='https://avatars1.githubusercontent.com/u/287147?v=4' width='36' height='36' alt='@techhat'>|[@techhat](https://github.com/techhat)|3
-<img class='float-left rounded-1' src='https://avatars2.githubusercontent.com/u/13550?v=4' width='36' height='36' alt='@mikemol'>|[@mikemol](https://github.com/mikemol)|3
-<img class='float-left rounded-1' src='https://avatars2.githubusercontent.com/u/358074?v=4' width='36' height='36' alt='@pcdummy'>|[@pcdummy](https://github.com/pcdummy)|3
-<img class='float-left rounded-1' src='https://avatars0.githubusercontent.com/u/507599?v=4' width='36' height='36' alt='@thatch45'>|[@thatch45](https://github.com/thatch45)|3
-<img class='float-left rounded-1' src='https://avatars1.githubusercontent.com/u/117961?v=4' width='36' height='36' alt='@babilen5'>|[@babilen5](https://github.com/babilen5)|3
-<img class='float-left rounded-1' src='https://avatars3.githubusercontent.com/u/2061751?v=4' width='36' height='36' alt='@matthew-parlette'>|[@matthew-parlette](https://github.com/matthew-parlette)|3
-<img class='float-left rounded-1' src='https://avatars1.githubusercontent.com/u/1013915?v=4' width='36' height='36' alt='@rhertzog'>|[@rhertzog](https://github.com/rhertzog)|3
-<img class='float-left rounded-1' src='https://avatars1.githubusercontent.com/u/36720?v=4' width='36' height='36' alt='@brot'>|[@brot](https://github.com/brot)|2
-<img class='float-left rounded-1' src='https://avatars3.githubusercontent.com/u/776662?v=4' width='36' height='36' alt='@carlosperello'>|[@carlosperello](https://github.com/carlosperello)|2
-<img class='float-left rounded-1' src='https://avatars2.githubusercontent.com/u/4195158?v=4' width='36' height='36' alt='@dafyddj'>|[@dafyddj](https://github.com/dafyddj)|2
-<img class='float-left rounded-1' src='https://avatars2.githubusercontent.com/u/114159?v=4' width='36' height='36' alt='@fpletz'>|[@fpletz](https://github.com/fpletz)|2
-<img class='float-left rounded-1' src='https://avatars2.githubusercontent.com/u/5255388?v=4' width='36' height='36' alt='@ingben'>|[@ingben](https://github.com/ingben)|2
-<img class='float-left rounded-1' src='https://avatars2.githubusercontent.com/u/675056?v=4' width='36' height='36' alt='@OrangeDog'>|[@OrangeDog](https://github.com/OrangeDog)|2
-<img class='float-left rounded-1' src='https://avatars3.githubusercontent.com/u/2285387?v=4' width='36' height='36' alt='@kyrias'>|[@kyrias](https://github.com/kyrias)|2
-<img class='float-left rounded-1' src='https://avatars0.githubusercontent.com/u/924183?v=4' width='36' height='36' alt='@mschiff'>|[@mschiff](https://github.com/mschiff)|2
-<img class='float-left rounded-1' src='https://avatars2.githubusercontent.com/u/3768412?v=4' width='36' height='36' alt='@stp-ip'>|[@stp-ip](https://github.com/stp-ip)|2
-<img class='float-left rounded-1' src='https://avatars1.githubusercontent.com/u/13322818?v=4' width='36' height='36' alt='@noelmcloughlin'>|[@noelmcloughlin](https://github.com/noelmcloughlin)|2
-<img class='float-left rounded-1' src='https://avatars2.githubusercontent.com/u/299386?v=4' width='36' height='36' alt='@excavador'>|[@excavador](https://github.com/excavador)|2
-<img class='float-left rounded-1' src='https://avatars3.githubusercontent.com/u/4510160?v=4' width='36' height='36' alt='@hudecof'>|[@hudecof](https://github.com/hudecof)|2
-<img class='float-left rounded-1' src='https://avatars0.githubusercontent.com/u/1004111?v=4' width='36' height='36' alt='@freach'>|[@freach](https://github.com/freach)|2
-<img class='float-left rounded-1' src='https://avatars2.githubusercontent.com/u/50891?v=4' width='36' height='36' alt='@westurner'>|[@westurner](https://github.com/westurner)|2
-<img class='float-left rounded-1' src='https://avatars0.githubusercontent.com/u/228723?v=4' width='36' height='36' alt='@abednarik'>|[@abednarik](https://github.com/abednarik)|2
-<img class='float-left rounded-1' src='https://avatars1.githubusercontent.com/u/26563851?v=4' width='36' height='36' alt='@chenmen'>|[@chenmen](https://github.com/chenmen)|2
-<img class='float-left rounded-1' src='https://avatars0.githubusercontent.com/u/850317?v=4' width='36' height='36' alt='@alanpearce'>|[@alanpearce](https://github.com/alanpearce)|1
-<img class='float-left rounded-1' src='https://avatars0.githubusercontent.com/u/445200?v=4' width='36' height='36' alt='@arthurlogilab'>|[@arthurlogilab](https://github.com/arthurlogilab)|1
-<img class='float-left rounded-1' src='https://avatars3.githubusercontent.com/u/1566437?v=4' width='36' height='36' alt='@bkmit'>|[@bkmit](https://github.com/bkmit)|1
-<img class='float-left rounded-1' src='https://avatars3.githubusercontent.com/u/20098965?v=4' width='36' height='36' alt='@brianholland99'>|[@brianholland99](https://github.com/brianholland99)|1
-<img class='float-left rounded-1' src='https://avatars1.githubusercontent.com/u/20441?v=4' width='36' height='36' alt='@iggy'>|[@iggy](https://github.com/iggy)|1
-<img class='float-left rounded-1' src='https://avatars1.githubusercontent.com/u/13131979?v=4' width='36' height='36' alt='@BT-dschleich'>|[@BT-dschleich](https://github.com/BT-dschleich)|1
-<img class='float-left rounded-1' src='https://avatars0.githubusercontent.com/u/3012076?v=4' width='36' height='36' alt='@fzipi'>|[@fzipi](https://github.com/fzipi)|1
-<img class='float-left rounded-1' src='https://avatars0.githubusercontent.com/u/94157?v=4' width='36' height='36' alt='@imran1008'>|[@imran1008](https://github.com/imran1008)|1
-<img class='float-left rounded-1' src='https://avatars3.githubusercontent.com/u/637504?v=4' width='36' height='36' alt='@jasperla'>|[@jasperla](https://github.com/jasperla)|1
-<img class='float-left rounded-1' src='https://avatars2.githubusercontent.com/u/350294?v=4' width='36' height='36' alt='@anderbubble'>|[@anderbubble](https://github.com/anderbubble)|1
-<img class='float-left rounded-1' src='https://avatars0.githubusercontent.com/u/7613500?v=4' width='36' height='36' alt='@levlozhkin'>|[@levlozhkin](https://github.com/levlozhkin)|1
-<img class='float-left rounded-1' src='https://avatars0.githubusercontent.com/u/25535310?v=4' width='36' height='36' alt='@polymeter'>|[@polymeter](https://github.com/polymeter)|1
-<img class='float-left rounded-1' src='https://avatars3.githubusercontent.com/u/16899663?v=4' width='36' height='36' alt='@Mario-F'>|[@Mario-F](https://github.com/Mario-F)|1
-<img class='float-left rounded-1' src='https://avatars3.githubusercontent.com/u/2869?v=4' width='36' height='36' alt='@nigelsim'>|[@nigelsim](https://github.com/nigelsim)|1
-<img class='float-left rounded-1' src='https://avatars2.githubusercontent.com/u/25389335?v=4' width='36' height='36' alt='@antifob'>|[@antifob](https://github.com/antifob)|1
-<img class='float-left rounded-1' src='https://avatars0.githubusercontent.com/u/1610802?v=4' width='36' height='36' alt='@robinelfrink'>|[@robinelfrink](https://github.com/robinelfrink)|1
-<img class='float-left rounded-1' src='https://avatars2.githubusercontent.com/u/2377054?v=4' width='36' height='36' alt='@smlloyd'>|[@smlloyd](https://github.com/smlloyd)|1
-<img class='float-left rounded-1' src='https://avatars1.githubusercontent.com/u/4156131?v=4' width='36' height='36' alt='@skylerberg'>|[@skylerberg](https://github.com/skylerberg)|1
-<img class='float-left rounded-1' src='https://avatars3.githubusercontent.com/u/48949?v=4' width='36' height='36' alt='@tampakrap'>|[@tampakrap](https://github.com/tampakrap)|1
-<img class='float-left rounded-1' src='https://avatars3.githubusercontent.com/u/566830?v=4' width='36' height='36' alt='@TJuberg'>|[@TJuberg](https://github.com/TJuberg)|1
-<img class='float-left rounded-1' src='https://avatars2.githubusercontent.com/u/1974659?v=4' width='36' height='36' alt='@tibold'>|[@tibold](https://github.com/tibold)|1
-<img class='float-left rounded-1' src='https://avatars3.githubusercontent.com/u/1277162?v=4' width='36' height='36' alt='@brandonparsons'>|[@brandonparsons](https://github.com/brandonparsons)|1
-<img class='float-left rounded-1' src='https://avatars0.githubusercontent.com/u/1406670?v=4' width='36' height='36' alt='@elfixit'>|[@elfixit](https://github.com/elfixit)|1
-<img class='float-left rounded-1' src='https://avatars3.githubusercontent.com/u/10122937?v=4' width='36' height='36' alt='@ketzacoatl'>|[@ketzacoatl](https://github.com/ketzacoatl)|1
-<img class='float-left rounded-1' src='https://avatars3.githubusercontent.com/u/15609251?v=4' width='36' height='36' alt='@omltorg'>|[@omltorg](https://github.com/omltorg)|1
-<img class='float-left rounded-1' src='https://avatars0.githubusercontent.com/u/1721508?v=4' width='36' height='36' alt='@reschl'>|[@reschl](https://github.com/reschl)|1
-<img class='float-left rounded-1' src='https://avatars0.githubusercontent.com/u/991850?v=4' width='36' height='36' alt='@scub'>|[@scub](https://github.com/scub)|1
-<img class='float-left rounded-1' src='https://avatars1.githubusercontent.com/u/8021992?v=4' width='36' height='36' alt='@tmeneau'>|[@tmeneau](https://github.com/tmeneau)|1
+<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/10231489?v=4' width='36' height='36' alt='@myii'>|[@myii](https://github.com/myii)|165
+<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/1920805?v=4' width='36' height='36' alt='@alxwr'>|[@alxwr](https://github.com/alxwr)|38
+<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/1233212?v=4' width='36' height='36' alt='@baby-gnu'>|[@baby-gnu](https://github.com/baby-gnu)|33
+<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/1396878?v=4' width='36' height='36' alt='@gravyboat'>|[@gravyboat](https://github.com/gravyboat)|28
+<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/1800660?v=4' width='36' height='36' alt='@aboe76'>|[@aboe76](https://github.com/aboe76)|25
+<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/3374962?v=4' width='36' height='36' alt='@nmadhok'>|[@nmadhok](https://github.com/nmadhok)|15
+<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/91293?v=4' width='36' height='36' alt='@whiteinge'>|[@whiteinge](https://github.com/whiteinge)|9
+<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/8029478?v=4' width='36' height='36' alt='@rfairburn'>|[@rfairburn](https://github.com/rfairburn)|8
+<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/6018668?v=4' width='36' height='36' alt='@amendlik'>|[@amendlik](https://github.com/amendlik)|8
+<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/941928?v=4' width='36' height='36' alt='@amontalban'>|[@amontalban](https://github.com/amontalban)|7
+<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/242396?v=4' width='36' height='36' alt='@javierbertoli'>|[@javierbertoli](https://github.com/javierbertoli)|7
+<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/897349?v=4' width='36' height='36' alt='@kennydo'>|[@kennydo](https://github.com/kennydo)|7
+<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/17393048?v=4' width='36' height='36' alt='@ek9'>|[@ek9](https://github.com/ek9)|7
+<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/6215293?v=4' width='36' height='36' alt='@0xf10e'>|[@0xf10e](https://github.com/0xf10e)|7
+<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/642259?v=4' width='36' height='36' alt='@pepoluan'>|[@pepoluan](https://github.com/pepoluan)|5
+<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/10227523?v=4' width='36' height='36' alt='@llua'>|[@llua](https://github.com/llua)|5
+<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/528061?v=4' width='36' height='36' alt='@puneetk'>|[@puneetk](https://github.com/puneetk)|5
+<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/3375654?v=4' width='36' height='36' alt='@nterupt'>|[@nterupt](https://github.com/nterupt)|4
+<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/10141454?v=4' width='36' height='36' alt='@mathieupotier'>|[@mathieupotier](https://github.com/mathieupotier)|4
+<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/1079875?v=4' width='36' height='36' alt='@bogdanr'>|[@bogdanr](https://github.com/bogdanr)|3
+<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/4195158?v=4' width='36' height='36' alt='@dafyddj'>|[@dafyddj](https://github.com/dafyddj)|3
+<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/287147?v=4' width='36' height='36' alt='@techhat'>|[@techhat](https://github.com/techhat)|3
+<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/13550?v=4' width='36' height='36' alt='@mikemol'>|[@mikemol](https://github.com/mikemol)|3
+<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/507599?v=4' width='36' height='36' alt='@thatch45'>|[@thatch45](https://github.com/thatch45)|3
+<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/117961?v=4' width='36' height='36' alt='@babilen'>|[@babilen](https://github.com/babilen)|3
+<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/2061751?v=4' width='36' height='36' alt='@matthew-parlette'>|[@matthew-parlette](https://github.com/matthew-parlette)|3
+<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/13322818?v=4' width='36' height='36' alt='@noelmcloughlin'>|[@noelmcloughlin](https://github.com/noelmcloughlin)|3
+<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/1013915?v=4' width='36' height='36' alt='@rhertzog'>|[@rhertzog](https://github.com/rhertzog)|3
+<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/36720?v=4' width='36' height='36' alt='@brot'>|[@brot](https://github.com/brot)|2
+<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/776662?v=4' width='36' height='36' alt='@carlosperello'>|[@carlosperello](https://github.com/carlosperello)|2
+<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/114159?v=4' width='36' height='36' alt='@fpletz'>|[@fpletz](https://github.com/fpletz)|2
+<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/5255388?v=4' width='36' height='36' alt='@ingben'>|[@ingben](https://github.com/ingben)|2
+<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/675056?v=4' width='36' height='36' alt='@OrangeDog'>|[@OrangeDog](https://github.com/OrangeDog)|2
+<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/2285387?v=4' width='36' height='36' alt='@kyrias'>|[@kyrias](https://github.com/kyrias)|2
+<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/924183?v=4' width='36' height='36' alt='@mschiff'>|[@mschiff](https://github.com/mschiff)|2
+<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/3768412?v=4' width='36' height='36' alt='@stp-ip'>|[@stp-ip](https://github.com/stp-ip)|2
+<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/299386?v=4' width='36' height='36' alt='@excavador'>|[@excavador](https://github.com/excavador)|2
+<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/4510160?v=4' width='36' height='36' alt='@hudecof'>|[@hudecof](https://github.com/hudecof)|2
+<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/1004111?v=4' width='36' height='36' alt='@freach'>|[@freach](https://github.com/freach)|2
+<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/1353637?v=4' width='36' height='36' alt='@stasjok'>|[@stasjok](https://github.com/stasjok)|2
+<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/50891?v=4' width='36' height='36' alt='@westurner'>|[@westurner](https://github.com/westurner)|2
+<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/228723?v=4' width='36' height='36' alt='@abednarik'>|[@abednarik](https://github.com/abednarik)|2
+<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/26563851?v=4' width='36' height='36' alt='@chenmen'>|[@chenmen](https://github.com/chenmen)|2
+<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/850317?v=4' width='36' height='36' alt='@alanpearce'>|[@alanpearce](https://github.com/alanpearce)|1
+<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/445200?v=4' width='36' height='36' alt='@arthurlogilab'>|[@arthurlogilab](https://github.com/arthurlogilab)|1
+<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/1566437?v=4' width='36' height='36' alt='@bkmit'>|[@bkmit](https://github.com/bkmit)|1
+<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/20098965?v=4' width='36' height='36' alt='@brianholland99'>|[@brianholland99](https://github.com/brianholland99)|1
+<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/20441?v=4' width='36' height='36' alt='@iggy'>|[@iggy](https://github.com/iggy)|1
+<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/13131979?v=4' width='36' height='36' alt='@BT-dschleich'>|[@BT-dschleich](https://github.com/BT-dschleich)|1
+<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/3012076?v=4' width='36' height='36' alt='@fzipi'>|[@fzipi](https://github.com/fzipi)|1
+<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/94157?v=4' width='36' height='36' alt='@imran1008'>|[@imran1008](https://github.com/imran1008)|1
+<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/637504?v=4' width='36' height='36' alt='@jasperla'>|[@jasperla](https://github.com/jasperla)|1
+<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/350294?v=4' width='36' height='36' alt='@anderbubble'>|[@anderbubble](https://github.com/anderbubble)|1
+<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/7613500?v=4' width='36' height='36' alt='@levlozhkin'>|[@levlozhkin](https://github.com/levlozhkin)|1
+<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/25535310?v=4' width='36' height='36' alt='@polymeter'>|[@polymeter](https://github.com/polymeter)|1
+<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/16899663?v=4' width='36' height='36' alt='@Mario-F'>|[@Mario-F](https://github.com/Mario-F)|1
+<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/2869?v=4' width='36' height='36' alt='@nigelsim'>|[@nigelsim](https://github.com/nigelsim)|1
+<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/25389335?v=4' width='36' height='36' alt='@antifob'>|[@antifob](https://github.com/antifob)|1
+<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/1610802?v=4' width='36' height='36' alt='@robinelfrink'>|[@robinelfrink](https://github.com/robinelfrink)|1
+<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/2377054?v=4' width='36' height='36' alt='@smlloyd'>|[@smlloyd](https://github.com/smlloyd)|1
+<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/4156131?v=4' width='36' height='36' alt='@skylerberg'>|[@skylerberg](https://github.com/skylerberg)|1
+<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/48949?v=4' width='36' height='36' alt='@tampakrap'>|[@tampakrap](https://github.com/tampakrap)|1
+<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/566830?v=4' width='36' height='36' alt='@TJuberg'>|[@TJuberg](https://github.com/TJuberg)|1
+<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/1974659?v=4' width='36' height='36' alt='@tibold'>|[@tibold](https://github.com/tibold)|1
+<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/113170?v=4' width='36' height='36' alt='@TimJones'>|[@TimJones](https://github.com/TimJones)|1
+<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/1277162?v=4' width='36' height='36' alt='@brandonparsons'>|[@brandonparsons](https://github.com/brandonparsons)|1
+<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/1406670?v=4' width='36' height='36' alt='@elfixit'>|[@elfixit](https://github.com/elfixit)|1
+<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/10122937?v=4' width='36' height='36' alt='@ketzacoatl'>|[@ketzacoatl](https://github.com/ketzacoatl)|1
+<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/15609251?v=4' width='36' height='36' alt='@omltorg'>|[@omltorg](https://github.com/omltorg)|1
+<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/1721508?v=4' width='36' height='36' alt='@reschl'>|[@reschl](https://github.com/reschl)|1
+<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/991850?v=4' width='36' height='36' alt='@scub'>|[@scub](https://github.com/scub)|1
+<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/8021992?v=4' width='36' height='36' alt='@tmeneau'>|[@tmeneau](https://github.com/tmeneau)|1

 ---

-Auto-generated by a [forked version](https://github.com/myii/maintainer) of [gaocegege/maintainer](https://github.com/gaocegege/maintainer) on 2021-01-12.
+Auto-generated by a [forked version](https://github.com/myii/maintainer) of [gaocegege/maintainer](https://github.com/gaocegege/maintainer) on 2022-02-21.
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -1,5 +1,106 @@
 # Changelog

+## [3.0.3](https://github.com/saltstack-formulas/openssh-formula/compare/v3.0.2...v3.0.3) (2022-02-21)
+
+
+### Bug Fixes
+
+* **libmapstack:** allow mapping by booleans and numbers ([40ba5a7](https://github.com/saltstack-formulas/openssh-formula/commit/40ba5a72c6476fa7deb4e73a01e78530da4c45d9))
+
+
+### Continuous Integration
+
+* update linters to latest versions [skip ci] ([81f97c0](https://github.com/saltstack-formulas/openssh-formula/commit/81f97c0457b7b30a6464c066fcb83ca77def9371))
+
+
+### Styles
+
+* **libsaltcli:** fix comments to jinja comments [skip ci] ([3416d94](https://github.com/saltstack-formulas/openssh-formula/commit/3416d94a36ab0c38942dba8d660652592f74a019))
+
+
+### Tests
+
+* **system:** add `build_platform_codename` [skip ci] ([aaa1828](https://github.com/saltstack-formulas/openssh-formula/commit/aaa1828f8683cb306b4532805d8095b095649af5))
+
+## [3.0.2](https://github.com/saltstack-formulas/openssh-formula/compare/v3.0.1...v3.0.2) (2022-02-03)
+
+
+### Bug Fixes
+
+* **libmatchers:** python client API can use `config.get` options ([560a5cc](https://github.com/saltstack-formulas/openssh-formula/commit/560a5ccbbc1c657fce621da945981cd0bd701879))
+
+
+### Code Refactoring
+
+* **map.jinja:** standardise v5 structure [skip ci] ([3162842](https://github.com/saltstack-formulas/openssh-formula/commit/3162842ec5531b72a28fff592e1b63d33aa2cd59))
+
+
+### Continuous Integration
+
+* **3003.1:** update inc. AlmaLinux, Rocky & `rst-lint` [skip ci] ([7190129](https://github.com/saltstack-formulas/openssh-formula/commit/719012908469f50e510779e1b82fb5605f54053a))
+* **freebsd:** update with latest pre-salted Vagrant boxes [skip ci] ([943cf17](https://github.com/saltstack-formulas/openssh-formula/commit/943cf1790370fa32d19f6e367510d513fc9cbbb6))
+* **gemfile:** allow rubygems proxy to be provided as an env var [skip ci] ([8b2cd1b](https://github.com/saltstack-formulas/openssh-formula/commit/8b2cd1b0e6a872928d2095170e9524274c9de3e2))
+* **gemfile+lock:** use `ssf` customised `inspec` repo [skip ci] ([e5d83f3](https://github.com/saltstack-formulas/openssh-formula/commit/e5d83f3f36152c57c6701fdb5d28b624830dc8e0))
+* **kitchen:** move `provisioner` block & update `run_command` [skip ci] ([1685782](https://github.com/saltstack-formulas/openssh-formula/commit/168578285aa3291c4cca775daae299aa0889f1d5))
+* **kitchen+ci:** update with `3004` pre-salted images/boxes [skip ci] ([e59160f](https://github.com/saltstack-formulas/openssh-formula/commit/e59160f8461386c148b8e61f43e4c3a0d0b89587))
+* **kitchen+ci:** update with latest `3003.2` pre-salted images [skip ci] ([d48bdde](https://github.com/saltstack-formulas/openssh-formula/commit/d48bdde2c6919d73a79301f46ec058668d413aac))
+* **kitchen+ci:** update with latest CVE pre-salted images [skip ci] ([5d4ed95](https://github.com/saltstack-formulas/openssh-formula/commit/5d4ed95572dbdb7b93c2ff3cafca71ed8a6a4034))
+* **kitchen+gitlab:** remove Ubuntu 16.04 & Fedora 32 (EOL) [skip ci] ([b7ddbb0](https://github.com/saltstack-formulas/openssh-formula/commit/b7ddbb0e186b74d5c9ae0abd75b187f08aab896e))
+* **kitchen+gitlab:** update for new pre-salted images [skip ci] ([eede9fa](https://github.com/saltstack-formulas/openssh-formula/commit/eede9fa54c84b92aab2f7c036e41f53df1389e0c))
+* **vagrant:** replace FreeBSD 12.2 with 12.3 [skip ci] ([5e8a886](https://github.com/saltstack-formulas/openssh-formula/commit/5e8a88631351c1621da415bc0decae808b9bfc1b))
+* add Debian 11 Bullseye & update `yamllint` configuration [skip ci] ([efb6799](https://github.com/saltstack-formulas/openssh-formula/commit/efb679941a6940b1e94a1b0b3fdbaa25ff3f5d12))
+* **vagrant:** add OpenBSD 6.9 [skip ci] ([fb78927](https://github.com/saltstack-formulas/openssh-formula/commit/fb789274811a3acce1589280137fab8dd78cd0d2))
+* add `arch-master` to matrix and update `.travis.yml` [skip ci] ([1af42b2](https://github.com/saltstack-formulas/openssh-formula/commit/1af42b215e96715f3ddeae13aab6fcbbcfd258b4))
+* **kitchen+gitlab:** adjust matrix to add `3003` [skip ci] ([c82927f](https://github.com/saltstack-formulas/openssh-formula/commit/c82927fbc8dd40aea584c6fbee2a5d08eac7c31e))
+* **vagrant:** add FreeBSD 13.0 [skip ci] ([7c69859](https://github.com/saltstack-formulas/openssh-formula/commit/7c698591c862c412894416f5037892f13f2ed514))
+* **vagrant:** use pre-salted boxes & conditional local settings [skip ci] ([531de16](https://github.com/saltstack-formulas/openssh-formula/commit/531de164b66ef66b66fadd2369ad302916131e39))
+
+
+### Documentation
+
+* **readme:** fix headings [skip ci] ([52abade](https://github.com/saltstack-formulas/openssh-formula/commit/52abade1821ba7afa1ed313ba9a4d8250283938b))
+
+
+### Tests
+
+* **_mapdata:** add verification file for `debian-11` [skip ci] ([42e17b2](https://github.com/saltstack-formulas/openssh-formula/commit/42e17b28712b3bf369ac4629b21705a54c5763d6))
+* **_mapdata:** add verification file for `fedora-34` [skip ci] ([3f6c4a0](https://github.com/saltstack-formulas/openssh-formula/commit/3f6c4a05acbf5b41b771b4a44a897e7353190efa))
+* **alma+rocky:** add platforms (based on CentOS 8) [skip ci] ([2dc565b](https://github.com/saltstack-formulas/openssh-formula/commit/2dc565b7c7a467b55e199e47e0d5fe4486360e34))
+* **default:** use `grains.get` for `oscodename` (for FreeBSD) [skip ci] ([aa8f9db](https://github.com/saltstack-formulas/openssh-formula/commit/aa8f9dbfd6e534e53557b4ae917a90951f8714ac))
+* **freebsd:** add `map.jinja` verification file (for 13.0) ([018a47c](https://github.com/saltstack-formulas/openssh-formula/commit/018a47cdd89dac21c05265db7cb5ee8ec9bd0ada))
+* **pillar:** add `ssh-rsa` Kitchen workaround on Arch Linux [skip ci] ([ecd62e4](https://github.com/saltstack-formulas/openssh-formula/commit/ecd62e45075c19bce13d42d88c9372c1a308699f))
+* **pillar:** add `ssh-rsa` Kitchen workaround on Gentoo [skip ci] ([d65ea55](https://github.com/saltstack-formulas/openssh-formula/commit/d65ea55d94d1cd314412daa6388eda080ab70725))
+* **pillar:** add platforms to `ssh-rsa` Kitchen workaround [skip ci] ([6260e85](https://github.com/saltstack-formulas/openssh-formula/commit/6260e852800a3a5481cc0df73a5f689a48599ea2))
+
+## [3.0.1](https://github.com/saltstack-formulas/openssh-formula/compare/v3.0.0...v3.0.1) (2021-03-26)
+
+
+### Bug Fixes
+
+* **openbsd:** fix `dig_pkg`, avoid `UsePAM` & add verification file ([2868560](https://github.com/saltstack-formulas/openssh-formula/commit/286856058ac1b7231cbd3455826a751963c3ca45))
+
+
+### Continuous Integration
+
+* enable Vagrant-based testing using GitHub Actions ([f1af455](https://github.com/saltstack-formulas/openssh-formula/commit/f1af45593d967c9ac734702fa31b922d28053d32))
+* **gemfile+lock:** use `ssf` customised `kitchen-docker` repo [skip ci] ([01512a0](https://github.com/saltstack-formulas/openssh-formula/commit/01512a0ec47b42ea41fcc949f59372b7e95e817c))
+* **kitchen+ci:** use latest pre-salted images (after CVE) [skip ci] ([79321be](https://github.com/saltstack-formulas/openssh-formula/commit/79321be76fa91234414dd53ea81ee0327276bafe))
+* **kitchen+gitlab-ci:** use latest pre-salted images [skip ci] ([c2a366f](https://github.com/saltstack-formulas/openssh-formula/commit/c2a366f9c721fc0956cd08c5e3f239a751be7a10))
+* **pre-commit:** update hook for `rubocop` [skip ci] ([ccb6a44](https://github.com/saltstack-formulas/openssh-formula/commit/ccb6a4487580eb75b3d735e7cfb398f2b8ebb316))
+
+
+### Documentation
+
+* **readme:** add `Testing with Vagrant` section ([2f8c31c](https://github.com/saltstack-formulas/openssh-formula/commit/2f8c31c66c56d7c7626c5193d7386cc280e16322))
+
+
+### Tests
+
+* **freebsd:** add `map.jinja` verification files (for 11.4 & 12.2) ([4c857fe](https://github.com/saltstack-formulas/openssh-formula/commit/4c857fe07156260a206c9d33c7a87ce60a324803))
+* standardise use of `share` suite & `_mapdata` state [skip ci] ([35a2124](https://github.com/saltstack-formulas/openssh-formula/commit/35a2124a43da14c8cb64040b0b5f2d1b4b7545fe))
+* **_mapdata:** add verification files for new platforms ([748eded](https://github.com/saltstack-formulas/openssh-formula/commit/748ededc7af79b792cac8fa01abcd20c8c27d8ed))
+* **share:** standardise with latest changes [skip ci] ([de969f1](https://github.com/saltstack-formulas/openssh-formula/commit/de969f10f1b22a86491f1b33d1d06eb7d721a980))
+
 # [3.0.0](https://github.com/saltstack-formulas/openssh-formula/compare/v2.0.6...v3.0.0) (2021-01-12)


--- a/8
+++ b/8
@ -20,12 +20,16 @@
 /docs/CHANGELOG.rst                         @saltstack-formulas/ssf
 /docs/TOFS_pattern.rst                      @saltstack-formulas/ssf
 /*/_mapdata/                                @saltstack-formulas/ssf
+/*/libmapstack.jinja                        @saltstack-formulas/ssf
+/*/libmatchers.jinja                        @saltstack-formulas/ssf
 /*/libsaltcli.jinja                         @saltstack-formulas/ssf
 /*/libtofs.jinja                            @saltstack-formulas/ssf
-/test/integration/**/_mapdata_spec.rb       @saltstack-formulas/ssf
+/*/map.jinja                                @saltstack-formulas/ssf
+/test/integration/**/_mapdata.rb            @saltstack-formulas/ssf
 /test/integration/**/libraries/system.rb    @saltstack-formulas/ssf
 /test/integration/**/inspec.yml             @saltstack-formulas/ssf
 /test/integration/**/README.md              @saltstack-formulas/ssf
+/test/salt/pillar/top.sls                   @saltstack-formulas/ssf
 /.gitignore                                 @saltstack-formulas/ssf
 /.cirrus.yml                                @saltstack-formulas/ssf
 /.gitlab-ci.yml                             @saltstack-formulas/ssf
@ -43,6 +47,8 @@
 /Gemfile                                    @saltstack-formulas/ssf
 /Gemfile.lock                               @saltstack-formulas/ssf
 /kitchen.yml                                @saltstack-formulas/ssf
+/kitchen.vagrant.yml                        @saltstack-formulas/ssf
+/kitchen.windows.yml                        @saltstack-formulas/ssf
 /pre-commit_semantic-release.sh             @saltstack-formulas/ssf
 /release-rules.js                           @saltstack-formulas/ssf
 /release.config.js                          @saltstack-formulas/ssf
--- a/2
+++ b/2
@ -1,7 +1,7 @@
 name: openssh
 os: Debian, Ubuntu, Raspbian, RedHat, Fedora, CentOS, Suse, openSUSE, Gentoo, Funtoo, Arch, Manjaro, Alpine, FreeBSD, OpenBSD, Solaris, SmartOS, Windows, MacOS
 os_family: Debian, RedHat, Suse, Gentoo, Arch, Alpine, FreeBSD, OpenBSD, Solaris, Windows, MacOS
-version: 3.0.0
+version: 3.0.3
 release: 1
 minimum_version: 2017.7
 summary: openssh formula
--- a/25
+++ b/25
@ -1,15 +1,22 @@
 # frozen_string_literal: true

-source 'https://rubygems.org'
+source ENV.fetch('PROXY_RUBYGEMSORG', 'https://rubygems.org')

-# Use the latest version of `inspec` prior to `4.23.4`, which introduces a
-# regression where the diff isn't displayed when comparing using `eq`.
-gem 'inspec',      '~> 4.22.22'
-# Install the `kitchen-docker` gem from GitHub because the latest version
-# currently available (`2.10.0`) doesn't include a recent fix for Gentoo.
-gem 'kitchen-docker', github: 'test-kitchen/kitchen-docker', ref: '41e80fe'
-gem 'kitchen-inspec', '>= 2.2.1'
-gem 'kitchen-salt', '>= 0.6.3'
+# Install the `inspec` gem using `git` because versions after `4.22.22`
+# suppress diff output; this version fixes this for our uses.
+# rubocop:disable Layout/LineLength
+gem 'inspec', git: 'https://gitlab.com/saltstack-formulas/infrastructure/inspec', branch: 'ssf'
+# rubocop:enable Layout/LineLength
+
+# Install the `kitchen-docker` gem using `git` in order to gain a performance
+# improvement: avoid package installations which are already covered by the
+# `salt-image-builder` (i.e. the pre-salted images that we're using)
+# rubocop:disable Layout/LineLength
+gem 'kitchen-docker', git: 'https://gitlab.com/saltstack-formulas/infrastructure/kitchen-docker', branch: 'ssf'
+# rubocop:enable Layout/LineLength
+
+gem 'kitchen-inspec', '>= 2.5.0'
+gem 'kitchen-salt', '>= 0.7.2'

 group :vagrant do
  gem 'kitchen-vagrant'
--- a/Gemfile.lock
+++ b/Gemfile.lock
@ -1,323 +1,420 @@
 GIT
-  remote: https://github.com/test-kitchen/kitchen-docker.git
-  revision: 41e80fed3a7cc86323e19c16a5a340cebf7e5848
-  ref: 41e80fe
+  remote: https://gitlab.com/saltstack-formulas/infrastructure/inspec
+  revision: aaef842906a5666f0fc0b4f186b4dd3498f5b28c
+  branch: ssf
  specs:
-    kitchen-docker (2.10.0)
+    inspec (5.18.15)
+      cookstyle
+      faraday_middleware (>= 0.12.2, < 1.1)
+      inspec-core (= 5.18.15)
+      mongo (= 2.13.2)
+      progress_bar (~> 1.3.3)
+      rake
+      train (~> 3.10)
+      train-aws (~> 0.2)
+      train-habitat (~> 0.1)
+      train-winrm (~> 0.2)
+    inspec-core (5.18.15)
+      addressable (~> 2.4)
+      chef-telemetry (~> 1.0, >= 1.0.8)
+      faraday (>= 0.9.0, < 1.5)
+      faraday_middleware (~> 1.0)
+      hashie (>= 3.4, < 5.0)
+      license-acceptance (>= 0.2.13, < 3.0)
+      method_source (>= 0.8, < 2.0)
+      mixlib-log (~> 3.0)
+      multipart-post (~> 2.0)
+      parallel (~> 1.9)
+      parslet (>= 1.5, < 2.0)
+      pry (~> 0.13)
+      rspec (>= 3.9, <= 3.11)
+      rspec-its (~> 1.2)
+      rubyzip (>= 1.2.2, < 3.0)
+      semverse (~> 3.0)
+      sslshake (~> 1.2)
+      thor (>= 0.20, < 2.0)
+      tomlrb (>= 1.2, < 2.1)
+      train-core (~> 3.10)
+      tty-prompt (~> 0.17)
+      tty-table (~> 0.10)
+
+GIT
+  remote: https://gitlab.com/saltstack-formulas/infrastructure/kitchen-docker
+  revision: 9a09bc1e571e25f3ccabf4725ca2048d970fff82
+  branch: ssf
+  specs:
+    kitchen-docker (2.12.0)
      test-kitchen (>= 1.0.0)

 GEM
  remote: https://rubygems.org/
  specs:
-    activesupport (5.2.4.4)
+    activesupport (7.0.3.1)
      concurrent-ruby (~> 1.0, >= 1.0.2)
-      i18n (>= 0.7, < 2)
-      minitest (~> 5.1)
-      tzinfo (~> 1.1)
-    addressable (2.7.0)
+      i18n (>= 1.6, < 2)
+      minitest (>= 5.1)
+      tzinfo (~> 2.0)
+    addressable (2.8.0)
      public_suffix (>= 2.0.2, < 5.0)
-    aws-eventstream (1.1.0)
-    aws-partitions (1.386.0)
-    aws-sdk-apigateway (1.55.0)
-      aws-sdk-core (~> 3, >= 3.109.0)
+    ast (2.4.2)
+    aws-eventstream (1.2.0)
+    aws-partitions (1.607.0)
+    aws-sdk-alexaforbusiness (1.56.0)
+      aws-sdk-core (~> 3, >= 3.127.0)
      aws-sigv4 (~> 1.1)
-    aws-sdk-apigatewayv2 (1.29.0)
-      aws-sdk-core (~> 3, >= 3.109.0)
+    aws-sdk-amplify (1.32.0)
+      aws-sdk-core (~> 3, >= 3.120.0)
      aws-sigv4 (~> 1.1)
-    aws-sdk-athena (1.33.0)
-      aws-sdk-core (~> 3, >= 3.109.0)
+    aws-sdk-apigateway (1.78.0)
+      aws-sdk-core (~> 3, >= 3.127.0)
      aws-sigv4 (~> 1.1)
-    aws-sdk-autoscaling (1.22.0)
-      aws-sdk-core (~> 3, >= 3.52.1)
+    aws-sdk-apigatewayv2 (1.42.0)
+      aws-sdk-core (~> 3, >= 3.127.0)
      aws-sigv4 (~> 1.1)
-    aws-sdk-budgets (1.36.0)
-      aws-sdk-core (~> 3, >= 3.109.0)
+    aws-sdk-applicationautoscaling (1.51.0)
+      aws-sdk-core (~> 3, >= 3.112.0)
      aws-sigv4 (~> 1.1)
-    aws-sdk-cloudformation (1.44.0)
-      aws-sdk-core (~> 3, >= 3.109.0)
+    aws-sdk-athena (1.55.0)
+      aws-sdk-core (~> 3, >= 3.127.0)
      aws-sigv4 (~> 1.1)
-    aws-sdk-cloudfront (1.46.0)
-      aws-sdk-core (~> 3, >= 3.109.0)
+    aws-sdk-autoscaling (1.63.0)
+      aws-sdk-core (~> 3, >= 3.112.0)
      aws-sigv4 (~> 1.1)
-    aws-sdk-cloudhsm (1.27.0)
-      aws-sdk-core (~> 3, >= 3.109.0)
+    aws-sdk-batch (1.47.0)
+      aws-sdk-core (~> 3, >= 3.112.0)
      aws-sigv4 (~> 1.1)
-    aws-sdk-cloudhsmv2 (1.30.0)
-      aws-sdk-core (~> 3, >= 3.109.0)
+    aws-sdk-budgets (1.50.0)
+      aws-sdk-core (~> 3, >= 3.127.0)
      aws-sigv4 (~> 1.1)
-    aws-sdk-cloudtrail (1.29.0)
-      aws-sdk-core (~> 3, >= 3.109.0)
+    aws-sdk-cloudformation (1.70.0)
+      aws-sdk-core (~> 3, >= 3.127.0)
      aws-sigv4 (~> 1.1)
-    aws-sdk-cloudwatch (1.45.0)
-      aws-sdk-core (~> 3, >= 3.109.0)
+    aws-sdk-cloudfront (1.65.0)
+      aws-sdk-core (~> 3, >= 3.127.0)
      aws-sigv4 (~> 1.1)
-    aws-sdk-cloudwatchlogs (1.38.0)
-      aws-sdk-core (~> 3, >= 3.109.0)
+    aws-sdk-cloudhsm (1.39.0)
+      aws-sdk-core (~> 3, >= 3.127.0)
      aws-sigv4 (~> 1.1)
-    aws-sdk-codecommit (1.40.0)
-      aws-sdk-core (~> 3, >= 3.109.0)
+    aws-sdk-cloudhsmv2 (1.42.0)
+      aws-sdk-core (~> 3, >= 3.127.0)
      aws-sigv4 (~> 1.1)
-    aws-sdk-codedeploy (1.37.0)
-      aws-sdk-core (~> 3, >= 3.109.0)
+    aws-sdk-cloudtrail (1.49.0)
+      aws-sdk-core (~> 3, >= 3.127.0)
      aws-sigv4 (~> 1.1)
-    aws-sdk-codepipeline (1.37.0)
-      aws-sdk-core (~> 3, >= 3.109.0)
+    aws-sdk-cloudwatch (1.64.0)
+      aws-sdk-core (~> 3, >= 3.127.0)
      aws-sigv4 (~> 1.1)
-    aws-sdk-configservice (1.53.0)
-      aws-sdk-core (~> 3, >= 3.109.0)
+    aws-sdk-cloudwatchevents (1.46.0)
+      aws-sdk-core (~> 3, >= 3.112.0)
      aws-sigv4 (~> 1.1)
-    aws-sdk-core (3.109.1)
+    aws-sdk-cloudwatchlogs (1.53.0)
+      aws-sdk-core (~> 3, >= 3.127.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-codecommit (1.51.0)
+      aws-sdk-core (~> 3, >= 3.127.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-codedeploy (1.49.0)
+      aws-sdk-core (~> 3, >= 3.127.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-codepipeline (1.53.0)
+      aws-sdk-core (~> 3, >= 3.127.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-cognitoidentity (1.31.0)
+      aws-sdk-core (~> 3, >= 3.112.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-cognitoidentityprovider (1.53.0)
+      aws-sdk-core (~> 3, >= 3.112.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-configservice (1.79.0)
+      aws-sdk-core (~> 3, >= 3.127.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-core (3.131.2)
      aws-eventstream (~> 1, >= 1.0.2)
-      aws-partitions (~> 1, >= 1.239.0)
+      aws-partitions (~> 1, >= 1.525.0)
      aws-sigv4 (~> 1.1)
-      jmespath (~> 1.0)
-    aws-sdk-costandusagereportservice (1.28.0)
-      aws-sdk-core (~> 3, >= 3.109.0)
+      jmespath (~> 1, >= 1.6.1)
+    aws-sdk-costandusagereportservice (1.40.0)
+      aws-sdk-core (~> 3, >= 3.127.0)
      aws-sigv4 (~> 1.1)
-    aws-sdk-dynamodb (1.55.0)
-      aws-sdk-core (~> 3, >= 3.109.0)
+    aws-sdk-databasemigrationservice (1.53.0)
+      aws-sdk-core (~> 3, >= 3.112.0)
      aws-sigv4 (~> 1.1)
-    aws-sdk-ec2 (1.202.0)
-      aws-sdk-core (~> 3, >= 3.109.0)
+    aws-sdk-dynamodb (1.75.0)
+      aws-sdk-core (~> 3, >= 3.127.0)
      aws-sigv4 (~> 1.1)
-    aws-sdk-ecr (1.39.0)
-      aws-sdk-core (~> 3, >= 3.109.0)
+    aws-sdk-ec2 (1.322.0)
+      aws-sdk-core (~> 3, >= 3.127.0)
      aws-sigv4 (~> 1.1)
-    aws-sdk-ecs (1.70.0)
-      aws-sdk-core (~> 3, >= 3.109.0)
+    aws-sdk-ecr (1.56.0)
+      aws-sdk-core (~> 3, >= 3.127.0)
      aws-sigv4 (~> 1.1)
-    aws-sdk-efs (1.36.0)
-      aws-sdk-core (~> 3, >= 3.109.0)
+    aws-sdk-ecrpublic (1.12.0)
+      aws-sdk-core (~> 3, >= 3.127.0)
      aws-sigv4 (~> 1.1)
-    aws-sdk-eks (1.45.0)
-      aws-sdk-core (~> 3, >= 3.109.0)
+    aws-sdk-ecs (1.100.0)
+      aws-sdk-core (~> 3, >= 3.127.0)
      aws-sigv4 (~> 1.1)
-    aws-sdk-elasticache (1.44.0)
-      aws-sdk-core (~> 3, >= 3.109.0)
+    aws-sdk-efs (1.54.0)
+      aws-sdk-core (~> 3, >= 3.127.0)
      aws-sigv4 (~> 1.1)
-    aws-sdk-elasticbeanstalk (1.39.0)
-      aws-sdk-core (~> 3, >= 3.109.0)
+    aws-sdk-eks (1.75.0)
+      aws-sdk-core (~> 3, >= 3.127.0)
      aws-sigv4 (~> 1.1)
-    aws-sdk-elasticloadbalancing (1.29.0)
-      aws-sdk-core (~> 3, >= 3.109.0)
+    aws-sdk-elasticache (1.78.0)
+      aws-sdk-core (~> 3, >= 3.127.0)
      aws-sigv4 (~> 1.1)
-    aws-sdk-elasticloadbalancingv2 (1.53.0)
-      aws-sdk-core (~> 3, >= 3.109.0)
+    aws-sdk-elasticbeanstalk (1.51.0)
+      aws-sdk-core (~> 3, >= 3.127.0)
      aws-sigv4 (~> 1.1)
-    aws-sdk-elasticsearchservice (1.43.0)
-      aws-sdk-core (~> 3, >= 3.109.0)
+    aws-sdk-elasticloadbalancing (1.40.0)
+      aws-sdk-core (~> 3, >= 3.127.0)
      aws-sigv4 (~> 1.1)
-    aws-sdk-firehose (1.35.0)
-      aws-sdk-core (~> 3, >= 3.109.0)
+    aws-sdk-elasticloadbalancingv2 (1.78.0)
+      aws-sdk-core (~> 3, >= 3.127.0)
      aws-sigv4 (~> 1.1)
-    aws-sdk-guardduty (1.42.0)
-      aws-sdk-core (~> 3, >= 3.109.0)
+    aws-sdk-elasticsearchservice (1.65.0)
+      aws-sdk-core (~> 3, >= 3.127.0)
      aws-sigv4 (~> 1.1)
-    aws-sdk-iam (1.46.0)
-      aws-sdk-core (~> 3, >= 3.109.0)
+    aws-sdk-emr (1.53.0)
+      aws-sdk-core (~> 3, >= 3.121.2)
      aws-sigv4 (~> 1.1)
-    aws-sdk-kafka (1.29.0)
-      aws-sdk-core (~> 3, >= 3.109.0)
+    aws-sdk-eventbridge (1.24.0)
+      aws-sdk-core (~> 3, >= 3.112.0)
      aws-sigv4 (~> 1.1)
-    aws-sdk-kinesis (1.30.0)
-      aws-sdk-core (~> 3, >= 3.109.0)
+    aws-sdk-firehose (1.48.0)
+      aws-sdk-core (~> 3, >= 3.127.0)
      aws-sigv4 (~> 1.1)
-    aws-sdk-kms (1.39.0)
-      aws-sdk-core (~> 3, >= 3.109.0)
+    aws-sdk-glue (1.88.0)
+      aws-sdk-core (~> 3, >= 3.112.0)
      aws-sigv4 (~> 1.1)
-    aws-sdk-lambda (1.51.0)
-      aws-sdk-core (~> 3, >= 3.109.0)
+    aws-sdk-guardduty (1.58.0)
+      aws-sdk-core (~> 3, >= 3.127.0)
      aws-sigv4 (~> 1.1)
-    aws-sdk-organizations (1.17.0)
-      aws-sdk-core (~> 3, >= 3.39.0)
-      aws-sigv4 (~> 1.0)
-    aws-sdk-rds (1.104.0)
-      aws-sdk-core (~> 3, >= 3.109.0)
+    aws-sdk-iam (1.69.0)
+      aws-sdk-core (~> 3, >= 3.127.0)
      aws-sigv4 (~> 1.1)
-    aws-sdk-redshift (1.50.0)
-      aws-sdk-core (~> 3, >= 3.109.0)
+    aws-sdk-kafka (1.50.0)
+      aws-sdk-core (~> 3, >= 3.127.0)
      aws-sigv4 (~> 1.1)
-    aws-sdk-route53 (1.44.0)
-      aws-sdk-core (~> 3, >= 3.109.0)
+    aws-sdk-kinesis (1.41.0)
+      aws-sdk-core (~> 3, >= 3.127.0)
      aws-sigv4 (~> 1.1)
-    aws-sdk-route53domains (1.28.0)
-      aws-sdk-core (~> 3, >= 3.109.0)
+    aws-sdk-kms (1.57.0)
+      aws-sdk-core (~> 3, >= 3.127.0)
      aws-sigv4 (~> 1.1)
-    aws-sdk-route53resolver (1.21.0)
-      aws-sdk-core (~> 3, >= 3.109.0)
+    aws-sdk-lambda (1.84.0)
+      aws-sdk-core (~> 3, >= 3.127.0)
      aws-sigv4 (~> 1.1)
-    aws-sdk-s3 (1.83.1)
-      aws-sdk-core (~> 3, >= 3.109.0)
+    aws-sdk-mq (1.40.0)
+      aws-sdk-core (~> 3, >= 3.120.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-networkfirewall (1.17.0)
+      aws-sdk-core (~> 3, >= 3.127.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-networkmanager (1.24.0)
+      aws-sdk-core (~> 3, >= 3.127.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-organizations (1.59.0)
+      aws-sdk-core (~> 3, >= 3.112.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-ram (1.26.0)
+      aws-sdk-core (~> 3, >= 3.112.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-rds (1.148.0)
+      aws-sdk-core (~> 3, >= 3.127.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-redshift (1.84.0)
+      aws-sdk-core (~> 3, >= 3.127.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-route53 (1.63.0)
+      aws-sdk-core (~> 3, >= 3.127.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-route53domains (1.40.0)
+      aws-sdk-core (~> 3, >= 3.127.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-route53resolver (1.37.0)
+      aws-sdk-core (~> 3, >= 3.127.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-s3 (1.114.0)
+      aws-sdk-core (~> 3, >= 3.127.0)
      aws-sdk-kms (~> 1)
+      aws-sigv4 (~> 1.4)
+    aws-sdk-s3control (1.43.0)
+      aws-sdk-core (~> 3, >= 3.122.0)
      aws-sigv4 (~> 1.1)
-    aws-sdk-securityhub (1.35.0)
-      aws-sdk-core (~> 3, >= 3.109.0)
+    aws-sdk-secretsmanager (1.46.0)
+      aws-sdk-core (~> 3, >= 3.112.0)
      aws-sigv4 (~> 1.1)
-    aws-sdk-ses (1.36.0)
-      aws-sdk-core (~> 3, >= 3.109.0)
+    aws-sdk-securityhub (1.67.0)
+      aws-sdk-core (~> 3, >= 3.127.0)
      aws-sigv4 (~> 1.1)
-    aws-sdk-sms (1.27.0)
-      aws-sdk-core (~> 3, >= 3.109.0)
+    aws-sdk-servicecatalog (1.60.0)
+      aws-sdk-core (~> 3, >= 3.112.0)
      aws-sigv4 (~> 1.1)
-    aws-sdk-sns (1.34.0)
-      aws-sdk-core (~> 3, >= 3.109.0)
+    aws-sdk-ses (1.41.0)
+      aws-sdk-core (~> 3, >= 3.120.0)
      aws-sigv4 (~> 1.1)
-    aws-sdk-sqs (1.34.0)
-      aws-sdk-core (~> 3, >= 3.109.0)
+    aws-sdk-shield (1.48.0)
+      aws-sdk-core (~> 3, >= 3.127.0)
      aws-sigv4 (~> 1.1)
-    aws-sdk-ssm (1.95.0)
-      aws-sdk-core (~> 3, >= 3.109.0)
+    aws-sdk-signer (1.32.0)
+      aws-sdk-core (~> 3, >= 3.120.0)
      aws-sigv4 (~> 1.1)
-    aws-sigv4 (1.2.2)
+    aws-sdk-simpledb (1.29.0)
+      aws-sdk-core (~> 3, >= 3.120.0)
+      aws-sigv2 (~> 1.0)
+    aws-sdk-sms (1.40.0)
+      aws-sdk-core (~> 3, >= 3.127.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-sns (1.53.0)
+      aws-sdk-core (~> 3, >= 3.127.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-sqs (1.51.1)
+      aws-sdk-core (~> 3, >= 3.127.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-ssm (1.137.0)
+      aws-sdk-core (~> 3, >= 3.127.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-states (1.39.0)
+      aws-sdk-core (~> 3, >= 3.112.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-synthetics (1.19.0)
+      aws-sdk-core (~> 3, >= 3.121.2)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-transfer (1.34.0)
+      aws-sdk-core (~> 3, >= 3.112.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-waf (1.43.0)
+      aws-sdk-core (~> 3, >= 3.122.0)
+      aws-sigv4 (~> 1.1)
+    aws-sigv2 (1.1.0)
+    aws-sigv4 (1.5.0)
      aws-eventstream (~> 1, >= 1.0.2)
    azure_graph_rbac (0.17.2)
      ms_rest_azure (~> 0.12.0)
-    azure_mgmt_key_vault (0.17.6)
+    azure_mgmt_key_vault (0.17.7)
      ms_rest_azure (~> 0.12.0)
-    azure_mgmt_resources (0.18.0)
+    azure_mgmt_resources (0.18.2)
      ms_rest_azure (~> 0.12.0)
-    azure_mgmt_security (0.18.2)
+    azure_mgmt_security (0.19.0)
      ms_rest_azure (~> 0.12.0)
-    azure_mgmt_storage (0.22.0)
+    azure_mgmt_storage (0.23.0)
      ms_rest_azure (~> 0.12.0)
-    bcrypt_pbkdf (1.0.1)
+    bcrypt_pbkdf (1.1.0)
+    bson (4.15.0)
    builder (3.2.4)
-    chef-config (16.6.14)
+    chef-config (17.10.0)
      addressable
-      chef-utils (= 16.6.14)
+      chef-utils (= 17.10.0)
      fuzzyurl
      mixlib-config (>= 2.2.12, < 4.0)
      mixlib-shellout (>= 2.0, < 4.0)
      tomlrb (~> 1.2)
-    chef-telemetry (1.0.14)
+    chef-telemetry (1.1.1)
      chef-config
      concurrent-ruby (~> 1.0)
-      ffi-yajl (~> 2.2)
-    chef-utils (16.6.14)
+    chef-utils (17.10.0)
+      concurrent-ruby
    coderay (1.1.3)
-    concurrent-ruby (1.1.7)
+    concurrent-ruby (1.1.10)
+    cookstyle (7.32.1)
+      rubocop (= 1.25.1)
    declarative (0.0.20)
-    declarative-option (0.1.0)
-    diff-lcs (1.4.4)
-    docker-api (2.0.0)
+    diff-lcs (1.5.0)
+    docker-api (2.2.0)
      excon (>= 0.47.0)
      multi_json
    domain_name (0.5.20190701)
      unf (>= 0.0.5, < 1.0.0)
-    ecma-re-validator (0.2.1)
-      regexp_parser (~> 1.2)
-    ed25519 (1.2.4)
-    erubi (1.9.0)
-    excon (0.78.0)
-    faraday (0.17.3)
+    ed25519 (1.3.0)
+    erubi (1.10.0)
+    excon (0.92.3)
+    faraday (1.4.3)
+      faraday-em_http (~> 1.0)
+      faraday-em_synchrony (~> 1.0)
+      faraday-excon (~> 1.1)
+      faraday-net_http (~> 1.0)
+      faraday-net_http_persistent (~> 1.1)
      multipart-post (>= 1.2, < 3)
+      ruby2_keywords (>= 0.0.4)
    faraday-cookie_jar (0.0.7)
      faraday (>= 0.8.0)
      http-cookie (~> 1.0.0)
-    faraday_middleware (0.12.2)
-      faraday (>= 0.7.4, < 1.0)
-    ffi (1.13.1)
-    ffi-yajl (2.3.4)
-      libyajl2 (~> 1.2)
+    faraday-em_http (1.0.0)
+    faraday-em_synchrony (1.0.0)
+    faraday-excon (1.1.0)
+    faraday-net_http (1.0.1)
+    faraday-net_http_persistent (1.2.0)
+    faraday_middleware (1.0.0)
+      faraday (~> 1.0)
+    ffi (1.15.5)
    fuzzyurl (0.9.0)
-    google-api-client (0.44.0)
+    google-api-client (0.52.0)
      addressable (~> 2.5, >= 2.5.1)
      googleauth (~> 0.9)
      httpclient (>= 2.8.1, < 3.0)
      mini_mime (~> 1.0)
      representable (~> 3.0)
      retriable (>= 2.0, < 4.0)
+      rexml
      signet (~> 0.12)
-    googleauth (0.13.0)
+    googleauth (0.14.0)
      faraday (>= 0.17.3, < 2.0)
      jwt (>= 1.4, < 3.0)
      memoist (~> 0.16)
      multi_json (~> 1.11)
      os (>= 0.9, < 2.0)
      signet (~> 0.14)
-    gssapi (1.3.0)
+    gssapi (1.3.1)
      ffi (>= 1.0.1)
-    gyoku (1.3.1)
+    gyoku (1.4.0)
      builder (>= 2.1.2)
-    hana (1.3.6)
-    hashie (3.6.0)
-    http-cookie (1.0.3)
+      rexml (~> 3.0)
+    hashie (4.1.0)
+    highline (2.0.3)
+    http-cookie (1.0.5)
      domain_name (~> 0.5)
    httpclient (2.8.3)
-    i18n (1.8.5)
+    i18n (1.12.0)
      concurrent-ruby (~> 1.0)
    inifile (3.0.0)
-    inspec (4.22.22)
-      faraday_middleware (~> 0.12.2)
-      inspec-core (= 4.22.22)
-      train (~> 3.0)
-      train-aws (~> 0.1)
-      train-habitat (~> 0.1)
-      train-winrm (~> 0.2)
-    inspec-core (4.22.22)
-      addressable (~> 2.4)
-      chef-telemetry (~> 1.0)
-      faraday (>= 0.9.0)
-      hashie (~> 3.4)
-      json_schemer (>= 0.2.1, < 0.2.12)
-      license-acceptance (>= 0.2.13, < 2.0)
-      method_source (>= 0.8, < 2.0)
-      mixlib-log (~> 3.0)
-      multipart-post (~> 2.0)
-      parallel (~> 1.9)
-      parslet (~> 1.5)
-      pry (~> 0.13)
-      rspec (~> 3.9)
-      rspec-its (~> 1.2)
-      rubyzip (~> 1.2, >= 1.2.2)
-      semverse (~> 3.0)
-      sslshake (~> 1.2)
-      thor (>= 0.20, < 2.0)
-      tomlrb (~> 1.2.0)
-      train-core (~> 3.0)
-      tty-prompt (~> 0.17)
-      tty-table (~> 0.10)
-    jmespath (1.4.0)
-    json (2.3.1)
-    json_schemer (0.2.11)
-      ecma-re-validator (~> 0.2)
-      hana (~> 1.3)
-      regexp_parser (~> 1.5)
-      uri_template (~> 0.7)
-    jwt (2.2.2)
-    kitchen-inspec (2.2.1)
-      hashie (~> 3.4)
-      inspec (>= 2.2.64, < 5.0)
-      test-kitchen (>= 2.7, < 3)
-    kitchen-salt (0.6.3)
+    jmespath (1.6.1)
+    json (2.6.2)
+    jwt (2.4.1)
+    kitchen-inspec (2.6.1)
+      hashie (>= 3.4, <= 5.0)
+      inspec (>= 2.2.64, < 7.0)
+      test-kitchen (>= 2.7, < 4)
+    kitchen-salt (0.7.2)
      hashie (>= 3.5)
      test-kitchen (>= 1.4)
-    kitchen-vagrant (1.7.0)
-      test-kitchen (>= 1.4, < 3)
-    libyajl2 (1.2.0)
-    license-acceptance (1.0.19)
+    kitchen-vagrant (1.12.0)
+      test-kitchen (>= 1.4, < 4)
+    license-acceptance (2.1.13)
      pastel (~> 0.7)
-      tomlrb (~> 1.2)
-      tty-box (~> 0.3)
-      tty-prompt (~> 0.18)
+      tomlrb (>= 1.2, < 3.0)
+      tty-box (~> 0.6)
+      tty-prompt (~> 0.20)
    little-plugger (1.1.4)
-    logging (2.3.0)
+    logging (2.3.1)
      little-plugger (~> 1.1)
      multi_json (~> 1.14)
    memoist (0.16.2)
    method_source (1.0.0)
-    mini_mime (1.0.2)
-    minitest (5.14.2)
-    mixlib-config (3.0.9)
+    mini_mime (1.1.2)
+    minitest (5.16.2)
+    mixlib-config (3.0.27)
      tomlrb
-    mixlib-install (3.12.3)
+    mixlib-install (3.12.19)
      mixlib-shellout
      mixlib-versioning
      thor
    mixlib-log (3.0.9)
-    mixlib-shellout (3.1.6)
+    mixlib-shellout (3.2.7)
      chef-utils
    mixlib-versioning (1.2.12)
+    mongo (2.13.2)
+      bson (>= 4.8.2, < 5.0.0)
    ms_rest (0.7.6)
      concurrent-ruby (~> 1.0)
      faraday (>= 0.9, < 2.0.0)
@ -328,60 +425,83 @@ GEM
      faraday-cookie_jar (~> 0.0.6)
      ms_rest (~> 0.7.6)
    multi_json (1.15.0)
-    multipart-post (2.1.1)
+    multipart-post (2.2.3)
    net-scp (3.0.0)
      net-ssh (>= 2.6.5, < 7.0.0)
    net-ssh (6.1.0)
    net-ssh-gateway (2.0.0)
      net-ssh (>= 4.0.0)
    nori (2.6.0)
-    os (1.1.1)
-    parallel (1.19.2)
+    options (2.3.2)
+    os (1.1.4)
+    parallel (1.22.1)
+    parser (3.1.2.0)
+      ast (~> 2.4.1)
    parslet (1.8.2)
    pastel (0.8.0)
      tty-color (~> 0.5)
-    pry (0.13.1)
+    progress_bar (1.3.3)
+      highline (>= 1.6, < 3)
+      options (~> 2.3.0)
+    pry (0.14.1)
      coderay (~> 1.1)
      method_source (~> 1.0)
-    public_suffix (4.0.6)
-    regexp_parser (1.8.2)
-    representable (3.0.4)
+    public_suffix (4.0.7)
+    rainbow (3.1.1)
+    rake (13.0.6)
+    regexp_parser (2.5.0)
+    representable (3.2.0)
      declarative (< 0.1.0)
-      declarative-option (< 0.2.0)
+      trailblazer-option (>= 0.1.1, < 0.2.0)
      uber (< 0.2.0)
    retriable (3.1.2)
-    rspec (3.9.0)
-      rspec-core (~> 3.9.0)
-      rspec-expectations (~> 3.9.0)
-      rspec-mocks (~> 3.9.0)
-    rspec-core (3.9.3)
-      rspec-support (~> 3.9.3)
-    rspec-expectations (3.9.3)
+    rexml (3.2.5)
+    rspec (3.11.0)
+      rspec-core (~> 3.11.0)
+      rspec-expectations (~> 3.11.0)
+      rspec-mocks (~> 3.11.0)
+    rspec-core (3.11.0)
+      rspec-support (~> 3.11.0)
+    rspec-expectations (3.11.0)
      diff-lcs (>= 1.2.0, < 2.0)
-      rspec-support (~> 3.9.0)
+      rspec-support (~> 3.11.0)
    rspec-its (1.3.0)
      rspec-core (>= 3.0.0)
      rspec-expectations (>= 3.0.0)
-    rspec-mocks (3.9.1)
+    rspec-mocks (3.11.1)
      diff-lcs (>= 1.2.0, < 2.0)
-      rspec-support (~> 3.9.0)
-    rspec-support (3.9.4)
-    rubyntlm (0.6.2)
-    rubyzip (1.3.0)
-    semverse (3.0.0)
-    signet (0.14.0)
-      addressable (~> 2.3)
-      faraday (>= 0.17.3, < 2.0)
+      rspec-support (~> 3.11.0)
+    rspec-support (3.11.0)
+    rubocop (1.25.1)
+      parallel (~> 1.10)
+      parser (>= 3.1.0.0)
+      rainbow (>= 2.2.2, < 4.0)
+      regexp_parser (>= 1.8, < 3.0)
+      rexml
+      rubocop-ast (>= 1.15.1, < 2.0)
+      ruby-progressbar (~> 1.7)
+      unicode-display_width (>= 1.4.0, < 3.0)
+    rubocop-ast (1.19.1)
+      parser (>= 3.1.1.0)
+    ruby-progressbar (1.11.0)
+    ruby2_keywords (0.0.5)
+    rubyntlm (0.6.3)
+    rubyzip (2.3.2)
+    semverse (3.0.2)
+    signet (0.17.0)
+      addressable (~> 2.8)
+      faraday (>= 0.17.5, < 3.a)
      jwt (>= 1.5, < 3.0)
      multi_json (~> 1.10)
    sslshake (1.3.1)
-    strings (0.2.0)
+    strings (0.2.1)
      strings-ansi (~> 0.2)
-      unicode-display_width (~> 1.5)
+      unicode-display_width (>= 1.5, < 3.0)
      unicode_utils (~> 1.4)
    strings-ansi (0.2.0)
-    test-kitchen (2.7.2)
+    test-kitchen (3.3.1)
      bcrypt_pbkdf (~> 1.0)
+      chef-utils (>= 16.4.35)
      ed25519 (~> 1.2)
      license-acceptance (>= 1.0.11, < 3.0)
      mixlib-install (~> 3.6)
@ -393,28 +513,32 @@ GEM
      winrm (~> 2.0)
      winrm-elevated (~> 1.0)
      winrm-fs (~> 1.1)
-    thor (1.0.1)
-    thread_safe (0.3.6)
+    thor (1.2.1)
    timeliness (0.3.10)
-    tomlrb (1.2.9)
-    train (3.3.27)
-      activesupport (>= 5.2.4.3, < 6.0.0)
+    tomlrb (1.3.0)
+    trailblazer-option (0.1.2)
+    train (3.10.1)
+      activesupport (>= 6.0.3.1)
      azure_graph_rbac (~> 0.16)
      azure_mgmt_key_vault (~> 0.17)
      azure_mgmt_resources (~> 0.15)
      azure_mgmt_security (~> 0.18)
      azure_mgmt_storage (~> 0.18)
      docker-api (>= 1.26, < 3.0)
-      google-api-client (>= 0.23.9, < 0.44.1)
-      googleauth (>= 0.6.6, < 0.13.1)
+      google-api-client (>= 0.23.9, <= 0.52.0)
+      googleauth (>= 0.6.6, <= 0.14.0)
      inifile (~> 3.0)
-      train-core (= 3.3.27)
+      train-core (= 3.10.1)
      train-winrm (~> 0.2)
-    train-aws (0.1.18)
+    train-aws (0.2.24)
+      aws-sdk-alexaforbusiness (~> 1.0)
+      aws-sdk-amplify (~> 1.32.0)
      aws-sdk-apigateway (~> 1.0)
      aws-sdk-apigatewayv2 (~> 1.0)
+      aws-sdk-applicationautoscaling (>= 1.46, < 1.52)
      aws-sdk-athena (~> 1.0)
-      aws-sdk-autoscaling (~> 1.22.0)
+      aws-sdk-autoscaling (>= 1.22, < 1.64)
+      aws-sdk-batch (>= 1.36, < 1.48)
      aws-sdk-budgets (~> 1.0)
      aws-sdk-cloudformation (~> 1.0)
      aws-sdk-cloudfront (~> 1.0)
@ -422,16 +546,21 @@ GEM
      aws-sdk-cloudhsmv2 (~> 1.0)
      aws-sdk-cloudtrail (~> 1.8)
      aws-sdk-cloudwatch (~> 1.13)
+      aws-sdk-cloudwatchevents (>= 1.36, < 1.47)
      aws-sdk-cloudwatchlogs (~> 1.13)
      aws-sdk-codecommit (~> 1.0)
      aws-sdk-codedeploy (~> 1.0)
      aws-sdk-codepipeline (~> 1.0)
+      aws-sdk-cognitoidentity (>= 1.26, < 1.32)
+      aws-sdk-cognitoidentityprovider (>= 1.46, < 1.54)
      aws-sdk-configservice (~> 1.21)
      aws-sdk-core (~> 3.0)
      aws-sdk-costandusagereportservice (~> 1.6)
+      aws-sdk-databasemigrationservice (>= 1.42, < 1.54)
      aws-sdk-dynamodb (~> 1.31)
      aws-sdk-ec2 (~> 1.70)
      aws-sdk-ecr (~> 1.18)
+      aws-sdk-ecrpublic (~> 1.3)
      aws-sdk-ecs (~> 1.30)
      aws-sdk-efs (~> 1.0)
      aws-sdk-eks (~> 1.9)
@ -440,48 +569,65 @@ GEM
      aws-sdk-elasticloadbalancing (~> 1.8)
      aws-sdk-elasticloadbalancingv2 (~> 1.0)
      aws-sdk-elasticsearchservice (~> 1.0)
+      aws-sdk-emr (~> 1.53.0)
+      aws-sdk-eventbridge (~> 1.24.0)
      aws-sdk-firehose (~> 1.0)
+      aws-sdk-glue (>= 1.71, < 1.89)
      aws-sdk-guardduty (~> 1.31)
      aws-sdk-iam (~> 1.13)
      aws-sdk-kafka (~> 1.0)
      aws-sdk-kinesis (~> 1.0)
      aws-sdk-kms (~> 1.13)
      aws-sdk-lambda (~> 1.0)
-      aws-sdk-organizations (~> 1.17.0)
+      aws-sdk-mq (~> 1.40.0)
+      aws-sdk-networkfirewall (>= 1.6.0)
+      aws-sdk-networkmanager (>= 1.13.0)
+      aws-sdk-organizations (>= 1.17, < 1.60)
+      aws-sdk-ram (>= 1.21, < 1.27)
      aws-sdk-rds (~> 1.43)
      aws-sdk-redshift (~> 1.0)
      aws-sdk-route53 (~> 1.0)
      aws-sdk-route53domains (~> 1.0)
      aws-sdk-route53resolver (~> 1.0)
      aws-sdk-s3 (~> 1.30)
+      aws-sdk-s3control (~> 1.43.0)
+      aws-sdk-secretsmanager (>= 1.42, < 1.47)
      aws-sdk-securityhub (~> 1.0)
-      aws-sdk-ses (~> 1.0)
+      aws-sdk-servicecatalog (>= 1.48, < 1.61)
+      aws-sdk-ses (~> 1.41.0)
+      aws-sdk-shield (~> 1.30)
+      aws-sdk-signer (~> 1.32.0)
+      aws-sdk-simpledb (~> 1.29.0)
      aws-sdk-sms (~> 1.0)
      aws-sdk-sns (~> 1.9)
      aws-sdk-sqs (~> 1.10)
      aws-sdk-ssm (~> 1.0)
-    train-core (3.3.27)
+      aws-sdk-states (>= 1.35, < 1.40)
+      aws-sdk-synthetics (~> 1.19.0)
+      aws-sdk-transfer (>= 1.26, < 1.35)
+      aws-sdk-waf (~> 1.43.0)
+    train-core (3.10.1)
      addressable (~> 2.5)
      ffi (!= 1.13.0)
      json (>= 1.8, < 3.0)
      mixlib-shellout (>= 2.0, < 4.0)
      net-scp (>= 1.2, < 4.0)
      net-ssh (>= 2.9, < 7.0)
-    train-habitat (0.2.13)
-    train-winrm (0.2.11)
-      winrm (~> 2.0)
+    train-habitat (0.2.22)
+    train-winrm (0.2.13)
+      winrm (>= 2.3.6, < 3.0)
      winrm-elevated (~> 1.2.2)
      winrm-fs (~> 1.0)
-    tty-box (0.6.0)
+    tty-box (0.7.0)
      pastel (~> 0.8)
      strings (~> 0.2.0)
      tty-cursor (~> 0.7)
-    tty-color (0.5.2)
+    tty-color (0.6.0)
    tty-cursor (0.7.1)
-    tty-prompt (0.22.0)
+    tty-prompt (0.23.1)
      pastel (~> 0.8)
      tty-reader (~> 0.8)
-    tty-reader (0.8.0)
+    tty-reader (0.9.0)
      tty-cursor (~> 0.7)
      tty-screen (~> 0.8)
      wisper (~> 2.0)
@ -490,16 +636,15 @@ GEM
      pastel (~> 0.8)
      strings (~> 0.2.0)
      tty-screen (~> 0.8)
-    tzinfo (1.2.7)
-      thread_safe (~> 0.1)
+    tzinfo (2.0.4)
+      concurrent-ruby (~> 1.0)
    uber (0.1.0)
    unf (0.1.4)
      unf_ext
-    unf_ext (0.0.7.7)
-    unicode-display_width (1.7.0)
+    unf_ext (0.0.8.2)
+    unicode-display_width (2.2.0)
    unicode_utils (1.4.0)
-    uri_template (0.7.0)
-    winrm (2.3.5)
+    winrm (2.3.6)
      builder (>= 2.1.2)
      erubi (~> 1.8)
      gssapi (~> 1.2)
@ -507,15 +652,15 @@ GEM
      httpclient (~> 2.2, >= 2.2.0.2)
      logging (>= 1.6.1, < 3.0)
      nori (~> 2.0)
-      rubyntlm (~> 0.6.0, >= 0.6.1)
-    winrm-elevated (1.2.2)
+      rubyntlm (~> 0.6.0, >= 0.6.3)
+    winrm-elevated (1.2.3)
      erubi (~> 1.8)
      winrm (~> 2.0)
      winrm-fs (~> 1.0)
-    winrm-fs (1.3.3)
+    winrm-fs (1.3.5)
      erubi (~> 1.8)
      logging (>= 1.6.1, < 3.0)
-      rubyzip (~> 1.1)
+      rubyzip (~> 2.0)
      winrm (~> 2.0)
    wisper (2.0.1)

@ -523,10 +668,10 @@ PLATFORMS
  ruby

 DEPENDENCIES
-  inspec (~> 4.22.22)
+  inspec!
  kitchen-docker!
-  kitchen-inspec (>= 2.2.1)
-  kitchen-salt (>= 0.6.3)
+  kitchen-inspec (>= 2.5.0)
+  kitchen-salt (>= 0.7.2)
  kitchen-vagrant

 BUNDLED WITH
--- a/bin/kitchen
+++ b/bin/kitchen
@ -19,8 +19,8 @@ if File.file?(bundle_binstub)
    load(bundle_binstub)
  else
    abort(
-      'Your `bin/bundle` was not generated by Bundler, '\
-      'so this binstub cannot run.  Replace `bin/bundle` by running '\
+      'Your `bin/bundle` was not generated by Bundler, ' \
+      'so this binstub cannot run.  Replace `bin/bundle` by running ' \
      '`bundle binstubs bundler --force`, then run this command again.'
    )
  end
--- a/docs/AUTHORS.rst
+++ b/docs/AUTHORS.rst
@ -13,221 +13,224 @@ This list is sorted by the number of commits per contributor in *descending* ord
   * - Avatar
     - Contributor
     - Contributions
-   * - :raw-html-m2r:`<img class='float-left rounded-1' src='https://avatars2.githubusercontent.com/u/10231489?v=4' width='36' height='36' alt='@myii'>`
+   * - :raw-html-m2r:`<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/10231489?v=4' width='36' height='36' alt='@myii'>`
     - `@myii <https://github.com/myii>`_
-     - 89
-   * - :raw-html-m2r:`<img class='float-left rounded-1' src='https://avatars0.githubusercontent.com/u/1920805?v=4' width='36' height='36' alt='@alxwr'>`
+     - 165
+   * - :raw-html-m2r:`<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/1920805?v=4' width='36' height='36' alt='@alxwr'>`
     - `@alxwr <https://github.com/alxwr>`_
     - 38
-   * - :raw-html-m2r:`<img class='float-left rounded-1' src='https://avatars0.githubusercontent.com/u/1233212?v=4' width='36' height='36' alt='@baby-gnu'>`
+   * - :raw-html-m2r:`<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/1233212?v=4' width='36' height='36' alt='@baby-gnu'>`
     - `@baby-gnu <https://github.com/baby-gnu>`_
-     - 31
-   * - :raw-html-m2r:`<img class='float-left rounded-1' src='https://avatars2.githubusercontent.com/u/1396878?v=4' width='36' height='36' alt='@gravyboat'>`
+     - 33
+   * - :raw-html-m2r:`<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/1396878?v=4' width='36' height='36' alt='@gravyboat'>`
     - `@gravyboat <https://github.com/gravyboat>`_
     - 28
-   * - :raw-html-m2r:`<img class='float-left rounded-1' src='https://avatars0.githubusercontent.com/u/1800660?v=4' width='36' height='36' alt='@aboe76'>`
+   * - :raw-html-m2r:`<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/1800660?v=4' width='36' height='36' alt='@aboe76'>`
     - `@aboe76 <https://github.com/aboe76>`_
     - 25
-   * - :raw-html-m2r:`<img class='float-left rounded-1' src='https://avatars0.githubusercontent.com/u/3374962?v=4' width='36' height='36' alt='@nmadhok'>`
+   * - :raw-html-m2r:`<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/3374962?v=4' width='36' height='36' alt='@nmadhok'>`
     - `@nmadhok <https://github.com/nmadhok>`_
     - 15
-   * - :raw-html-m2r:`<img class='float-left rounded-1' src='https://avatars2.githubusercontent.com/u/91293?v=4' width='36' height='36' alt='@whiteinge'>`
+   * - :raw-html-m2r:`<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/91293?v=4' width='36' height='36' alt='@whiteinge'>`
     - `@whiteinge <https://github.com/whiteinge>`_
     - 9
-   * - :raw-html-m2r:`<img class='float-left rounded-1' src='https://avatars1.githubusercontent.com/u/8029478?v=4' width='36' height='36' alt='@rfairburn'>`
+   * - :raw-html-m2r:`<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/8029478?v=4' width='36' height='36' alt='@rfairburn'>`
     - `@rfairburn <https://github.com/rfairburn>`_
     - 8
-   * - :raw-html-m2r:`<img class='float-left rounded-1' src='https://avatars0.githubusercontent.com/u/6018668?v=4' width='36' height='36' alt='@amendlik'>`
+   * - :raw-html-m2r:`<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/6018668?v=4' width='36' height='36' alt='@amendlik'>`
     - `@amendlik <https://github.com/amendlik>`_
     - 8
-   * - :raw-html-m2r:`<img class='float-left rounded-1' src='https://avatars2.githubusercontent.com/u/941928?v=4' width='36' height='36' alt='@amontalban'>`
+   * - :raw-html-m2r:`<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/941928?v=4' width='36' height='36' alt='@amontalban'>`
     - `@amontalban <https://github.com/amontalban>`_
     - 7
-   * - :raw-html-m2r:`<img class='float-left rounded-1' src='https://avatars2.githubusercontent.com/u/242396?v=4' width='36' height='36' alt='@javierbertoli'>`
+   * - :raw-html-m2r:`<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/242396?v=4' width='36' height='36' alt='@javierbertoli'>`
     - `@javierbertoli <https://github.com/javierbertoli>`_
     - 7
-   * - :raw-html-m2r:`<img class='float-left rounded-1' src='https://avatars3.githubusercontent.com/u/897349?v=4' width='36' height='36' alt='@kennydo'>`
+   * - :raw-html-m2r:`<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/897349?v=4' width='36' height='36' alt='@kennydo'>`
     - `@kennydo <https://github.com/kennydo>`_
     - 7
-   * - :raw-html-m2r:`<img class='float-left rounded-1' src='https://avatars0.githubusercontent.com/u/17393048?v=4' width='36' height='36' alt='@ek9'>`
+   * - :raw-html-m2r:`<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/17393048?v=4' width='36' height='36' alt='@ek9'>`
     - `@ek9 <https://github.com/ek9>`_
     - 7
-   * - :raw-html-m2r:`<img class='float-left rounded-1' src='https://avatars3.githubusercontent.com/u/6215293?v=4' width='36' height='36' alt='@0xf10e'>`
+   * - :raw-html-m2r:`<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/6215293?v=4' width='36' height='36' alt='@0xf10e'>`
     - `@0xf10e <https://github.com/0xf10e>`_
     - 7
-   * - :raw-html-m2r:`<img class='float-left rounded-1' src='https://avatars2.githubusercontent.com/u/642259?v=4' width='36' height='36' alt='@pepoluan'>`
+   * - :raw-html-m2r:`<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/642259?v=4' width='36' height='36' alt='@pepoluan'>`
     - `@pepoluan <https://github.com/pepoluan>`_
     - 5
-   * - :raw-html-m2r:`<img class='float-left rounded-1' src='https://avatars1.githubusercontent.com/u/10227523?v=4' width='36' height='36' alt='@llua'>`
+   * - :raw-html-m2r:`<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/10227523?v=4' width='36' height='36' alt='@llua'>`
     - `@llua <https://github.com/llua>`_
     - 5
-   * - :raw-html-m2r:`<img class='float-left rounded-1' src='https://avatars1.githubusercontent.com/u/528061?v=4' width='36' height='36' alt='@puneetk'>`
+   * - :raw-html-m2r:`<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/528061?v=4' width='36' height='36' alt='@puneetk'>`
     - `@puneetk <https://github.com/puneetk>`_
     - 5
-   * - :raw-html-m2r:`<img class='float-left rounded-1' src='https://avatars1.githubusercontent.com/u/3375654?v=4' width='36' height='36' alt='@nterupt'>`
+   * - :raw-html-m2r:`<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/3375654?v=4' width='36' height='36' alt='@nterupt'>`
     - `@nterupt <https://github.com/nterupt>`_
     - 4
-   * - :raw-html-m2r:`<img class='float-left rounded-1' src='https://avatars3.githubusercontent.com/u/10141454?v=4' width='36' height='36' alt='@mathieupotier'>`
+   * - :raw-html-m2r:`<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/10141454?v=4' width='36' height='36' alt='@mathieupotier'>`
     - `@mathieupotier <https://github.com/mathieupotier>`_
     - 4
-   * - :raw-html-m2r:`<img class='float-left rounded-1' src='https://avatars2.githubusercontent.com/u/1079875?v=4' width='36' height='36' alt='@bogdanr'>`
+   * - :raw-html-m2r:`<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/1079875?v=4' width='36' height='36' alt='@bogdanr'>`
     - `@bogdanr <https://github.com/bogdanr>`_
     - 3
-   * - :raw-html-m2r:`<img class='float-left rounded-1' src='https://avatars1.githubusercontent.com/u/287147?v=4' width='36' height='36' alt='@techhat'>`
+   * - :raw-html-m2r:`<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/4195158?v=4' width='36' height='36' alt='@dafyddj'>`
+     - `@dafyddj <https://github.com/dafyddj>`_
+     - 3
+   * - :raw-html-m2r:`<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/287147?v=4' width='36' height='36' alt='@techhat'>`
     - `@techhat <https://github.com/techhat>`_
     - 3
-   * - :raw-html-m2r:`<img class='float-left rounded-1' src='https://avatars2.githubusercontent.com/u/13550?v=4' width='36' height='36' alt='@mikemol'>`
+   * - :raw-html-m2r:`<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/13550?v=4' width='36' height='36' alt='@mikemol'>`
     - `@mikemol <https://github.com/mikemol>`_
     - 3
-   * - :raw-html-m2r:`<img class='float-left rounded-1' src='https://avatars2.githubusercontent.com/u/358074?v=4' width='36' height='36' alt='@pcdummy'>`
-     - `@pcdummy <https://github.com/pcdummy>`_
-     - 3
-   * - :raw-html-m2r:`<img class='float-left rounded-1' src='https://avatars0.githubusercontent.com/u/507599?v=4' width='36' height='36' alt='@thatch45'>`
+   * - :raw-html-m2r:`<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/507599?v=4' width='36' height='36' alt='@thatch45'>`
     - `@thatch45 <https://github.com/thatch45>`_
     - 3
-   * - :raw-html-m2r:`<img class='float-left rounded-1' src='https://avatars1.githubusercontent.com/u/117961?v=4' width='36' height='36' alt='@babilen5'>`
-     - `@babilen5 <https://github.com/babilen5>`_
+   * - :raw-html-m2r:`<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/117961?v=4' width='36' height='36' alt='@babilen'>`
+     - `@babilen <https://github.com/babilen>`_
     - 3
-   * - :raw-html-m2r:`<img class='float-left rounded-1' src='https://avatars3.githubusercontent.com/u/2061751?v=4' width='36' height='36' alt='@matthew-parlette'>`
+   * - :raw-html-m2r:`<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/2061751?v=4' width='36' height='36' alt='@matthew-parlette'>`
     - `@matthew-parlette <https://github.com/matthew-parlette>`_
     - 3
-   * - :raw-html-m2r:`<img class='float-left rounded-1' src='https://avatars1.githubusercontent.com/u/1013915?v=4' width='36' height='36' alt='@rhertzog'>`
+   * - :raw-html-m2r:`<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/13322818?v=4' width='36' height='36' alt='@noelmcloughlin'>`
+     - `@noelmcloughlin <https://github.com/noelmcloughlin>`_
+     - 3
+   * - :raw-html-m2r:`<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/1013915?v=4' width='36' height='36' alt='@rhertzog'>`
     - `@rhertzog <https://github.com/rhertzog>`_
     - 3
-   * - :raw-html-m2r:`<img class='float-left rounded-1' src='https://avatars1.githubusercontent.com/u/36720?v=4' width='36' height='36' alt='@brot'>`
+   * - :raw-html-m2r:`<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/36720?v=4' width='36' height='36' alt='@brot'>`
     - `@brot <https://github.com/brot>`_
     - 2
-   * - :raw-html-m2r:`<img class='float-left rounded-1' src='https://avatars3.githubusercontent.com/u/776662?v=4' width='36' height='36' alt='@carlosperello'>`
+   * - :raw-html-m2r:`<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/776662?v=4' width='36' height='36' alt='@carlosperello'>`
     - `@carlosperello <https://github.com/carlosperello>`_
     - 2
-   * - :raw-html-m2r:`<img class='float-left rounded-1' src='https://avatars2.githubusercontent.com/u/4195158?v=4' width='36' height='36' alt='@dafyddj'>`
-     - `@dafyddj <https://github.com/dafyddj>`_
-     - 2
-   * - :raw-html-m2r:`<img class='float-left rounded-1' src='https://avatars2.githubusercontent.com/u/114159?v=4' width='36' height='36' alt='@fpletz'>`
+   * - :raw-html-m2r:`<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/114159?v=4' width='36' height='36' alt='@fpletz'>`
     - `@fpletz <https://github.com/fpletz>`_
     - 2
-   * - :raw-html-m2r:`<img class='float-left rounded-1' src='https://avatars2.githubusercontent.com/u/5255388?v=4' width='36' height='36' alt='@ingben'>`
+   * - :raw-html-m2r:`<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/5255388?v=4' width='36' height='36' alt='@ingben'>`
     - `@ingben <https://github.com/ingben>`_
     - 2
-   * - :raw-html-m2r:`<img class='float-left rounded-1' src='https://avatars2.githubusercontent.com/u/675056?v=4' width='36' height='36' alt='@OrangeDog'>`
+   * - :raw-html-m2r:`<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/675056?v=4' width='36' height='36' alt='@OrangeDog'>`
     - `@OrangeDog <https://github.com/OrangeDog>`_
     - 2
-   * - :raw-html-m2r:`<img class='float-left rounded-1' src='https://avatars3.githubusercontent.com/u/2285387?v=4' width='36' height='36' alt='@kyrias'>`
+   * - :raw-html-m2r:`<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/2285387?v=4' width='36' height='36' alt='@kyrias'>`
     - `@kyrias <https://github.com/kyrias>`_
     - 2
-   * - :raw-html-m2r:`<img class='float-left rounded-1' src='https://avatars0.githubusercontent.com/u/924183?v=4' width='36' height='36' alt='@mschiff'>`
+   * - :raw-html-m2r:`<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/924183?v=4' width='36' height='36' alt='@mschiff'>`
     - `@mschiff <https://github.com/mschiff>`_
     - 2
-   * - :raw-html-m2r:`<img class='float-left rounded-1' src='https://avatars2.githubusercontent.com/u/3768412?v=4' width='36' height='36' alt='@stp-ip'>`
+   * - :raw-html-m2r:`<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/3768412?v=4' width='36' height='36' alt='@stp-ip'>`
     - `@stp-ip <https://github.com/stp-ip>`_
     - 2
-   * - :raw-html-m2r:`<img class='float-left rounded-1' src='https://avatars1.githubusercontent.com/u/13322818?v=4' width='36' height='36' alt='@noelmcloughlin'>`
-     - `@noelmcloughlin <https://github.com/noelmcloughlin>`_
-     - 2
-   * - :raw-html-m2r:`<img class='float-left rounded-1' src='https://avatars2.githubusercontent.com/u/299386?v=4' width='36' height='36' alt='@excavador'>`
+   * - :raw-html-m2r:`<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/299386?v=4' width='36' height='36' alt='@excavador'>`
     - `@excavador <https://github.com/excavador>`_
     - 2
-   * - :raw-html-m2r:`<img class='float-left rounded-1' src='https://avatars3.githubusercontent.com/u/4510160?v=4' width='36' height='36' alt='@hudecof'>`
+   * - :raw-html-m2r:`<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/4510160?v=4' width='36' height='36' alt='@hudecof'>`
     - `@hudecof <https://github.com/hudecof>`_
     - 2
-   * - :raw-html-m2r:`<img class='float-left rounded-1' src='https://avatars0.githubusercontent.com/u/1004111?v=4' width='36' height='36' alt='@freach'>`
+   * - :raw-html-m2r:`<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/1004111?v=4' width='36' height='36' alt='@freach'>`
     - `@freach <https://github.com/freach>`_
     - 2
-   * - :raw-html-m2r:`<img class='float-left rounded-1' src='https://avatars2.githubusercontent.com/u/50891?v=4' width='36' height='36' alt='@westurner'>`
+   * - :raw-html-m2r:`<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/1353637?v=4' width='36' height='36' alt='@stasjok'>`
+     - `@stasjok <https://github.com/stasjok>`_
+     - 2
+   * - :raw-html-m2r:`<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/50891?v=4' width='36' height='36' alt='@westurner'>`
     - `@westurner <https://github.com/westurner>`_
     - 2
-   * - :raw-html-m2r:`<img class='float-left rounded-1' src='https://avatars0.githubusercontent.com/u/228723?v=4' width='36' height='36' alt='@abednarik'>`
+   * - :raw-html-m2r:`<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/228723?v=4' width='36' height='36' alt='@abednarik'>`
     - `@abednarik <https://github.com/abednarik>`_
     - 2
-   * - :raw-html-m2r:`<img class='float-left rounded-1' src='https://avatars1.githubusercontent.com/u/26563851?v=4' width='36' height='36' alt='@chenmen'>`
+   * - :raw-html-m2r:`<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/26563851?v=4' width='36' height='36' alt='@chenmen'>`
     - `@chenmen <https://github.com/chenmen>`_
     - 2
-   * - :raw-html-m2r:`<img class='float-left rounded-1' src='https://avatars0.githubusercontent.com/u/850317?v=4' width='36' height='36' alt='@alanpearce'>`
+   * - :raw-html-m2r:`<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/850317?v=4' width='36' height='36' alt='@alanpearce'>`
     - `@alanpearce <https://github.com/alanpearce>`_
     - 1
-   * - :raw-html-m2r:`<img class='float-left rounded-1' src='https://avatars0.githubusercontent.com/u/445200?v=4' width='36' height='36' alt='@arthurlogilab'>`
+   * - :raw-html-m2r:`<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/445200?v=4' width='36' height='36' alt='@arthurlogilab'>`
     - `@arthurlogilab <https://github.com/arthurlogilab>`_
     - 1
-   * - :raw-html-m2r:`<img class='float-left rounded-1' src='https://avatars3.githubusercontent.com/u/1566437?v=4' width='36' height='36' alt='@bkmit'>`
+   * - :raw-html-m2r:`<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/1566437?v=4' width='36' height='36' alt='@bkmit'>`
     - `@bkmit <https://github.com/bkmit>`_
     - 1
-   * - :raw-html-m2r:`<img class='float-left rounded-1' src='https://avatars3.githubusercontent.com/u/20098965?v=4' width='36' height='36' alt='@brianholland99'>`
+   * - :raw-html-m2r:`<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/20098965?v=4' width='36' height='36' alt='@brianholland99'>`
     - `@brianholland99 <https://github.com/brianholland99>`_
     - 1
-   * - :raw-html-m2r:`<img class='float-left rounded-1' src='https://avatars1.githubusercontent.com/u/20441?v=4' width='36' height='36' alt='@iggy'>`
+   * - :raw-html-m2r:`<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/20441?v=4' width='36' height='36' alt='@iggy'>`
     - `@iggy <https://github.com/iggy>`_
     - 1
-   * - :raw-html-m2r:`<img class='float-left rounded-1' src='https://avatars1.githubusercontent.com/u/13131979?v=4' width='36' height='36' alt='@BT-dschleich'>`
+   * - :raw-html-m2r:`<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/13131979?v=4' width='36' height='36' alt='@BT-dschleich'>`
     - `@BT-dschleich <https://github.com/BT-dschleich>`_
     - 1
-   * - :raw-html-m2r:`<img class='float-left rounded-1' src='https://avatars0.githubusercontent.com/u/3012076?v=4' width='36' height='36' alt='@fzipi'>`
+   * - :raw-html-m2r:`<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/3012076?v=4' width='36' height='36' alt='@fzipi'>`
     - `@fzipi <https://github.com/fzipi>`_
     - 1
-   * - :raw-html-m2r:`<img class='float-left rounded-1' src='https://avatars0.githubusercontent.com/u/94157?v=4' width='36' height='36' alt='@imran1008'>`
+   * - :raw-html-m2r:`<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/94157?v=4' width='36' height='36' alt='@imran1008'>`
     - `@imran1008 <https://github.com/imran1008>`_
     - 1
-   * - :raw-html-m2r:`<img class='float-left rounded-1' src='https://avatars3.githubusercontent.com/u/637504?v=4' width='36' height='36' alt='@jasperla'>`
+   * - :raw-html-m2r:`<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/637504?v=4' width='36' height='36' alt='@jasperla'>`
     - `@jasperla <https://github.com/jasperla>`_
     - 1
-   * - :raw-html-m2r:`<img class='float-left rounded-1' src='https://avatars2.githubusercontent.com/u/350294?v=4' width='36' height='36' alt='@anderbubble'>`
+   * - :raw-html-m2r:`<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/350294?v=4' width='36' height='36' alt='@anderbubble'>`
     - `@anderbubble <https://github.com/anderbubble>`_
     - 1
-   * - :raw-html-m2r:`<img class='float-left rounded-1' src='https://avatars0.githubusercontent.com/u/7613500?v=4' width='36' height='36' alt='@levlozhkin'>`
+   * - :raw-html-m2r:`<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/7613500?v=4' width='36' height='36' alt='@levlozhkin'>`
     - `@levlozhkin <https://github.com/levlozhkin>`_
     - 1
-   * - :raw-html-m2r:`<img class='float-left rounded-1' src='https://avatars0.githubusercontent.com/u/25535310?v=4' width='36' height='36' alt='@polymeter'>`
+   * - :raw-html-m2r:`<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/25535310?v=4' width='36' height='36' alt='@polymeter'>`
     - `@polymeter <https://github.com/polymeter>`_
     - 1
-   * - :raw-html-m2r:`<img class='float-left rounded-1' src='https://avatars3.githubusercontent.com/u/16899663?v=4' width='36' height='36' alt='@Mario-F'>`
+   * - :raw-html-m2r:`<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/16899663?v=4' width='36' height='36' alt='@Mario-F'>`
     - `@Mario-F <https://github.com/Mario-F>`_
     - 1
-   * - :raw-html-m2r:`<img class='float-left rounded-1' src='https://avatars3.githubusercontent.com/u/2869?v=4' width='36' height='36' alt='@nigelsim'>`
+   * - :raw-html-m2r:`<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/2869?v=4' width='36' height='36' alt='@nigelsim'>`
     - `@nigelsim <https://github.com/nigelsim>`_
     - 1
-   * - :raw-html-m2r:`<img class='float-left rounded-1' src='https://avatars2.githubusercontent.com/u/25389335?v=4' width='36' height='36' alt='@antifob'>`
+   * - :raw-html-m2r:`<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/25389335?v=4' width='36' height='36' alt='@antifob'>`
     - `@antifob <https://github.com/antifob>`_
     - 1
-   * - :raw-html-m2r:`<img class='float-left rounded-1' src='https://avatars0.githubusercontent.com/u/1610802?v=4' width='36' height='36' alt='@robinelfrink'>`
+   * - :raw-html-m2r:`<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/1610802?v=4' width='36' height='36' alt='@robinelfrink'>`
     - `@robinelfrink <https://github.com/robinelfrink>`_
     - 1
-   * - :raw-html-m2r:`<img class='float-left rounded-1' src='https://avatars2.githubusercontent.com/u/2377054?v=4' width='36' height='36' alt='@smlloyd'>`
+   * - :raw-html-m2r:`<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/2377054?v=4' width='36' height='36' alt='@smlloyd'>`
     - `@smlloyd <https://github.com/smlloyd>`_
     - 1
-   * - :raw-html-m2r:`<img class='float-left rounded-1' src='https://avatars1.githubusercontent.com/u/4156131?v=4' width='36' height='36' alt='@skylerberg'>`
+   * - :raw-html-m2r:`<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/4156131?v=4' width='36' height='36' alt='@skylerberg'>`
     - `@skylerberg <https://github.com/skylerberg>`_
     - 1
-   * - :raw-html-m2r:`<img class='float-left rounded-1' src='https://avatars3.githubusercontent.com/u/48949?v=4' width='36' height='36' alt='@tampakrap'>`
+   * - :raw-html-m2r:`<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/48949?v=4' width='36' height='36' alt='@tampakrap'>`
     - `@tampakrap <https://github.com/tampakrap>`_
     - 1
-   * - :raw-html-m2r:`<img class='float-left rounded-1' src='https://avatars3.githubusercontent.com/u/566830?v=4' width='36' height='36' alt='@TJuberg'>`
+   * - :raw-html-m2r:`<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/566830?v=4' width='36' height='36' alt='@TJuberg'>`
     - `@TJuberg <https://github.com/TJuberg>`_
     - 1
-   * - :raw-html-m2r:`<img class='float-left rounded-1' src='https://avatars2.githubusercontent.com/u/1974659?v=4' width='36' height='36' alt='@tibold'>`
+   * - :raw-html-m2r:`<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/1974659?v=4' width='36' height='36' alt='@tibold'>`
     - `@tibold <https://github.com/tibold>`_
     - 1
-   * - :raw-html-m2r:`<img class='float-left rounded-1' src='https://avatars3.githubusercontent.com/u/1277162?v=4' width='36' height='36' alt='@brandonparsons'>`
+   * - :raw-html-m2r:`<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/113170?v=4' width='36' height='36' alt='@TimJones'>`
+     - `@TimJones <https://github.com/TimJones>`_
+     - 1
+   * - :raw-html-m2r:`<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/1277162?v=4' width='36' height='36' alt='@brandonparsons'>`
     - `@brandonparsons <https://github.com/brandonparsons>`_
     - 1
-   * - :raw-html-m2r:`<img class='float-left rounded-1' src='https://avatars0.githubusercontent.com/u/1406670?v=4' width='36' height='36' alt='@elfixit'>`
+   * - :raw-html-m2r:`<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/1406670?v=4' width='36' height='36' alt='@elfixit'>`
     - `@elfixit <https://github.com/elfixit>`_
     - 1
-   * - :raw-html-m2r:`<img class='float-left rounded-1' src='https://avatars3.githubusercontent.com/u/10122937?v=4' width='36' height='36' alt='@ketzacoatl'>`
+   * - :raw-html-m2r:`<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/10122937?v=4' width='36' height='36' alt='@ketzacoatl'>`
     - `@ketzacoatl <https://github.com/ketzacoatl>`_
     - 1
-   * - :raw-html-m2r:`<img class='float-left rounded-1' src='https://avatars3.githubusercontent.com/u/15609251?v=4' width='36' height='36' alt='@omltorg'>`
+   * - :raw-html-m2r:`<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/15609251?v=4' width='36' height='36' alt='@omltorg'>`
     - `@omltorg <https://github.com/omltorg>`_
     - 1
-   * - :raw-html-m2r:`<img class='float-left rounded-1' src='https://avatars0.githubusercontent.com/u/1721508?v=4' width='36' height='36' alt='@reschl'>`
+   * - :raw-html-m2r:`<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/1721508?v=4' width='36' height='36' alt='@reschl'>`
     - `@reschl <https://github.com/reschl>`_
     - 1
-   * - :raw-html-m2r:`<img class='float-left rounded-1' src='https://avatars0.githubusercontent.com/u/991850?v=4' width='36' height='36' alt='@scub'>`
+   * - :raw-html-m2r:`<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/991850?v=4' width='36' height='36' alt='@scub'>`
     - `@scub <https://github.com/scub>`_
     - 1
-   * - :raw-html-m2r:`<img class='float-left rounded-1' src='https://avatars1.githubusercontent.com/u/8021992?v=4' width='36' height='36' alt='@tmeneau'>`
+   * - :raw-html-m2r:`<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/8021992?v=4' width='36' height='36' alt='@tmeneau'>`
     - `@tmeneau <https://github.com/tmeneau>`_
     - 1


 ----

-Auto-generated by a `forked version <https://github.com/myii/maintainer>`_ of `gaocegege/maintainer <https://github.com/gaocegege/maintainer>`_ on 2021-01-12.
+Auto-generated by a `forked version <https://github.com/myii/maintainer>`_ of `gaocegege/maintainer <https://github.com/gaocegege/maintainer>`_ on 2022-02-21.
--- a/docs/CHANGELOG.rst
+++ b/docs/CHANGELOG.rst
@ -2,6 +2,123 @@
 Changelog
 =========

+`3.0.3 <https://github.com/saltstack-formulas/openssh-formula/compare/v3.0.2...v3.0.3>`_ (2022-02-21)
+---------------------------------------------------------------------------------------------------------
+
+Bug Fixes
+^^^^^^^^^
+
+
+* **libmapstack:** allow mapping by booleans and numbers (\ `40ba5a7 <https://github.com/saltstack-formulas/openssh-formula/commit/40ba5a72c6476fa7deb4e73a01e78530da4c45d9>`_\ )
+
+Continuous Integration
+^^^^^^^^^^^^^^^^^^^^^^
+
+
+* update linters to latest versions [skip ci] (\ `81f97c0 <https://github.com/saltstack-formulas/openssh-formula/commit/81f97c0457b7b30a6464c066fcb83ca77def9371>`_\ )
+
+Styles
+^^^^^^
+
+
+* **libsaltcli:** fix comments to jinja comments [skip ci] (\ `3416d94 <https://github.com/saltstack-formulas/openssh-formula/commit/3416d94a36ab0c38942dba8d660652592f74a019>`_\ )
+
+Tests
+^^^^^
+
+
+* **system:** add ``build_platform_codename`` [skip ci] (\ `aaa1828 <https://github.com/saltstack-formulas/openssh-formula/commit/aaa1828f8683cb306b4532805d8095b095649af5>`_\ )
+
+`3.0.2 <https://github.com/saltstack-formulas/openssh-formula/compare/v3.0.1...v3.0.2>`_ (2022-02-03)
+---------------------------------------------------------------------------------------------------------
+
+Bug Fixes
+^^^^^^^^^
+
+
+* **libmatchers:** python client API can use ``config.get`` options (\ `560a5cc <https://github.com/saltstack-formulas/openssh-formula/commit/560a5ccbbc1c657fce621da945981cd0bd701879>`_\ )
+
+Code Refactoring
+^^^^^^^^^^^^^^^^
+
+
+* **map.jinja:** standardise v5 structure [skip ci] (\ `3162842 <https://github.com/saltstack-formulas/openssh-formula/commit/3162842ec5531b72a28fff592e1b63d33aa2cd59>`_\ )
+
+Continuous Integration
+^^^^^^^^^^^^^^^^^^^^^^
+
+
+* **3003.1:** update inc. AlmaLinux, Rocky & ``rst-lint`` [skip ci] (\ `7190129 <https://github.com/saltstack-formulas/openssh-formula/commit/719012908469f50e510779e1b82fb5605f54053a>`_\ )
+* **freebsd:** update with latest pre-salted Vagrant boxes [skip ci] (\ `943cf17 <https://github.com/saltstack-formulas/openssh-formula/commit/943cf1790370fa32d19f6e367510d513fc9cbbb6>`_\ )
+* **gemfile:** allow rubygems proxy to be provided as an env var [skip ci] (\ `8b2cd1b <https://github.com/saltstack-formulas/openssh-formula/commit/8b2cd1b0e6a872928d2095170e9524274c9de3e2>`_\ )
+* **gemfile+lock:** use ``ssf`` customised ``inspec`` repo [skip ci] (\ `e5d83f3 <https://github.com/saltstack-formulas/openssh-formula/commit/e5d83f3f36152c57c6701fdb5d28b624830dc8e0>`_\ )
+* **kitchen:** move ``provisioner`` block & update ``run_command`` [skip ci] (\ `1685782 <https://github.com/saltstack-formulas/openssh-formula/commit/168578285aa3291c4cca775daae299aa0889f1d5>`_\ )
+* **kitchen+ci:** update with ``3004`` pre-salted images/boxes [skip ci] (\ `e59160f <https://github.com/saltstack-formulas/openssh-formula/commit/e59160f8461386c148b8e61f43e4c3a0d0b89587>`_\ )
+* **kitchen+ci:** update with latest ``3003.2`` pre-salted images [skip ci] (\ `d48bdde <https://github.com/saltstack-formulas/openssh-formula/commit/d48bdde2c6919d73a79301f46ec058668d413aac>`_\ )
+* **kitchen+ci:** update with latest CVE pre-salted images [skip ci] (\ `5d4ed95 <https://github.com/saltstack-formulas/openssh-formula/commit/5d4ed95572dbdb7b93c2ff3cafca71ed8a6a4034>`_\ )
+* **kitchen+gitlab:** remove Ubuntu 16.04 & Fedora 32 (EOL) [skip ci] (\ `b7ddbb0 <https://github.com/saltstack-formulas/openssh-formula/commit/b7ddbb0e186b74d5c9ae0abd75b187f08aab896e>`_\ )
+* **kitchen+gitlab:** update for new pre-salted images [skip ci] (\ `eede9fa <https://github.com/saltstack-formulas/openssh-formula/commit/eede9fa54c84b92aab2f7c036e41f53df1389e0c>`_\ )
+* **vagrant:** replace FreeBSD 12.2 with 12.3 [skip ci] (\ `5e8a886 <https://github.com/saltstack-formulas/openssh-formula/commit/5e8a88631351c1621da415bc0decae808b9bfc1b>`_\ )
+* add Debian 11 Bullseye & update ``yamllint`` configuration [skip ci] (\ `efb6799 <https://github.com/saltstack-formulas/openssh-formula/commit/efb679941a6940b1e94a1b0b3fdbaa25ff3f5d12>`_\ )
+* **vagrant:** add OpenBSD 6.9 [skip ci] (\ `fb78927 <https://github.com/saltstack-formulas/openssh-formula/commit/fb789274811a3acce1589280137fab8dd78cd0d2>`_\ )
+* add ``arch-master`` to matrix and update ``.travis.yml`` [skip ci] (\ `1af42b2 <https://github.com/saltstack-formulas/openssh-formula/commit/1af42b215e96715f3ddeae13aab6fcbbcfd258b4>`_\ )
+* **kitchen+gitlab:** adjust matrix to add ``3003`` [skip ci] (\ `c82927f <https://github.com/saltstack-formulas/openssh-formula/commit/c82927fbc8dd40aea584c6fbee2a5d08eac7c31e>`_\ )
+* **vagrant:** add FreeBSD 13.0 [skip ci] (\ `7c69859 <https://github.com/saltstack-formulas/openssh-formula/commit/7c698591c862c412894416f5037892f13f2ed514>`_\ )
+* **vagrant:** use pre-salted boxes & conditional local settings [skip ci] (\ `531de16 <https://github.com/saltstack-formulas/openssh-formula/commit/531de164b66ef66b66fadd2369ad302916131e39>`_\ )
+
+Documentation
+^^^^^^^^^^^^^
+
+
+* **readme:** fix headings [skip ci] (\ `52abade <https://github.com/saltstack-formulas/openssh-formula/commit/52abade1821ba7afa1ed313ba9a4d8250283938b>`_\ )
+
+Tests
+^^^^^
+
+
+* **_mapdata:** add verification file for ``debian-11`` [skip ci] (\ `42e17b2 <https://github.com/saltstack-formulas/openssh-formula/commit/42e17b28712b3bf369ac4629b21705a54c5763d6>`_\ )
+* **_mapdata:** add verification file for ``fedora-34`` [skip ci] (\ `3f6c4a0 <https://github.com/saltstack-formulas/openssh-formula/commit/3f6c4a05acbf5b41b771b4a44a897e7353190efa>`_\ )
+* **alma+rocky:** add platforms (based on CentOS 8) [skip ci] (\ `2dc565b <https://github.com/saltstack-formulas/openssh-formula/commit/2dc565b7c7a467b55e199e47e0d5fe4486360e34>`_\ )
+* **default:** use ``grains.get`` for ``oscodename`` (for FreeBSD) [skip ci] (\ `aa8f9db <https://github.com/saltstack-formulas/openssh-formula/commit/aa8f9dbfd6e534e53557b4ae917a90951f8714ac>`_\ )
+* **freebsd:** add ``map.jinja`` verification file (for 13.0) (\ `018a47c <https://github.com/saltstack-formulas/openssh-formula/commit/018a47cdd89dac21c05265db7cb5ee8ec9bd0ada>`_\ )
+* **pillar:** add ``ssh-rsa`` Kitchen workaround on Arch Linux [skip ci] (\ `ecd62e4 <https://github.com/saltstack-formulas/openssh-formula/commit/ecd62e45075c19bce13d42d88c9372c1a308699f>`_\ )
+* **pillar:** add ``ssh-rsa`` Kitchen workaround on Gentoo [skip ci] (\ `d65ea55 <https://github.com/saltstack-formulas/openssh-formula/commit/d65ea55d94d1cd314412daa6388eda080ab70725>`_\ )
+* **pillar:** add platforms to ``ssh-rsa`` Kitchen workaround [skip ci] (\ `6260e85 <https://github.com/saltstack-formulas/openssh-formula/commit/6260e852800a3a5481cc0df73a5f689a48599ea2>`_\ )
+
+`3.0.1 <https://github.com/saltstack-formulas/openssh-formula/compare/v3.0.0...v3.0.1>`_ (2021-03-26)
+---------------------------------------------------------------------------------------------------------
+
+Bug Fixes
+^^^^^^^^^
+
+
+* **openbsd:** fix ``dig_pkg``\ , avoid ``UsePAM`` & add verification file (\ `2868560 <https://github.com/saltstack-formulas/openssh-formula/commit/286856058ac1b7231cbd3455826a751963c3ca45>`_\ )
+
+Continuous Integration
+^^^^^^^^^^^^^^^^^^^^^^
+
+
+* enable Vagrant-based testing using GitHub Actions (\ `f1af455 <https://github.com/saltstack-formulas/openssh-formula/commit/f1af45593d967c9ac734702fa31b922d28053d32>`_\ )
+* **gemfile+lock:** use ``ssf`` customised ``kitchen-docker`` repo [skip ci] (\ `01512a0 <https://github.com/saltstack-formulas/openssh-formula/commit/01512a0ec47b42ea41fcc949f59372b7e95e817c>`_\ )
+* **kitchen+ci:** use latest pre-salted images (after CVE) [skip ci] (\ `79321be <https://github.com/saltstack-formulas/openssh-formula/commit/79321be76fa91234414dd53ea81ee0327276bafe>`_\ )
+* **kitchen+gitlab-ci:** use latest pre-salted images [skip ci] (\ `c2a366f <https://github.com/saltstack-formulas/openssh-formula/commit/c2a366f9c721fc0956cd08c5e3f239a751be7a10>`_\ )
+* **pre-commit:** update hook for ``rubocop`` [skip ci] (\ `ccb6a44 <https://github.com/saltstack-formulas/openssh-formula/commit/ccb6a4487580eb75b3d735e7cfb398f2b8ebb316>`_\ )
+
+Documentation
+^^^^^^^^^^^^^
+
+
+* **readme:** add ``Testing with Vagrant`` section (\ `2f8c31c <https://github.com/saltstack-formulas/openssh-formula/commit/2f8c31c66c56d7c7626c5193d7386cc280e16322>`_\ )
+
+Tests
+^^^^^
+
+
+* **freebsd:** add ``map.jinja`` verification files (for 11.4 & 12.2) (\ `4c857fe <https://github.com/saltstack-formulas/openssh-formula/commit/4c857fe07156260a206c9d33c7a87ce60a324803>`_\ )
+* standardise use of ``share`` suite & ``_mapdata`` state [skip ci] (\ `35a2124 <https://github.com/saltstack-formulas/openssh-formula/commit/35a2124a43da14c8cb64040b0b5f2d1b4b7545fe>`_\ )
+* **_mapdata:** add verification files for new platforms (\ `748eded <https://github.com/saltstack-formulas/openssh-formula/commit/748ededc7af79b792cac8fa01abcd20c8c27d8ed>`_\ )
+* **share:** standardise with latest changes [skip ci] (\ `de969f1 <https://github.com/saltstack-formulas/openssh-formula/commit/de969f10f1b22a86491f1b33d1d06eb7d721a980>`_\ )
+
 `3.0.0 <https://github.com/saltstack-formulas/openssh-formula/compare/v2.0.6...v3.0.0>`_ (2021-01-12)
 ---------------------------------------------------------------------------------------------------------

--- a/docs/README.rst
+++ b/docs/README.rst
@ -1,7 +1,6 @@
-.. _readme:
+openssh-formula
+===============

-openssh
-=======
 |img_travis| |img_sr|

 .. |img_travis| image:: https://travis-ci.com/saltstack-formulas/openssh-formula.svg?branch=master
@ -91,11 +90,11 @@ so root login will be disabled.
 ``openssh.config_ini``
 ^^^^^^^^^^^^^^^^^^^^^^

-Version of managing ``sshd_config`` that uses the 
+Version of managing ``sshd_config`` that uses the
 `ini_managed.option_present <https://docs.saltstack.com/en/latest/ref/states/all/salt.states.ini_manage.html>`_
-state module, so it enables to override only one or 
-multiple values and keeping the defaults shipped by your 
-distribution. 
+state module, so it enables to override only one or
+multiple values and keeping the defaults shipped by your
+distribution.


 ``openssh.known_hosts``
@ -237,7 +236,7 @@ To completely disable adding IP addresses::
 Manages the system wide ``/etc/ssh/moduli`` file.

 ``openssh._mapdata``
-^^^^^^^^^^^^^^^^^^
+^^^^^^^^^^^^^^^^^^^^

 Testing state which dumps the ``map.jinja`` values in ``/tmp/salt_mapdata_dump.yaml``.
 This state is not called by any include but is mostly used by kitchen and Inspec infrastructure to validate ``map.jinja``.
@ -266,7 +265,7 @@ e.g. ``debian-9-2019-2-py3``.
 ``bin/kitchen converge``
 ^^^^^^^^^^^^^^^^^^^^^^^^

-Creates the docker instance and runs the ``template`` main state, ready for testing.
+Creates the docker instance and runs the ``openssh`` main states, ready for testing.

 ``bin/kitchen verify``
 ^^^^^^^^^^^^^^^^^^^^^^
@ -288,3 +287,64 @@ Runs all of the stages above in one go: i.e. ``destroy`` + ``converge`` + ``veri

 Gives you SSH access to the instance for manual testing.

+Testing with Vagrant
+--------------------
+
+Windows/FreeBSD/OpenBSD testing is done with ``kitchen-salt``.
+
+Requirements
+^^^^^^^^^^^^
+
+* Ruby
+* Virtualbox
+* Vagrant
+
+Setup
+^^^^^
+
+.. code-block:: bash
+
+   $ gem install bundler
+   $ bundle install --with=vagrant
+   $ bin/kitchen test [platform]
+
+Where ``[platform]`` is the platform name defined in ``kitchen.vagrant.yml``,
+e.g. ``windows-81-latest-py3``.
+
+Note
+^^^^
+
+When testing using Vagrant you must set the environment variable ``KITCHEN_LOCAL_YAML`` to ``kitchen.vagrant.yml``.  For example:
+
+.. code-block:: bash
+
+   $ KITCHEN_LOCAL_YAML=kitchen.vagrant.yml bin/kitchen test      # Alternatively,
+   $ export KITCHEN_LOCAL_YAML=kitchen.vagrant.yml
+   $ bin/kitchen test
+
+Then run the following commands as needed.
+
+``bin/kitchen converge``
+^^^^^^^^^^^^^^^^^^^^^^^^
+
+Creates the Vagrant instance and runs the ``openssh`` main states, ready for testing.
+
+``bin/kitchen verify``
+^^^^^^^^^^^^^^^^^^^^^^
+
+Runs the ``inspec`` tests on the actual instance.
+
+``bin/kitchen destroy``
+^^^^^^^^^^^^^^^^^^^^^^^
+
+Removes the Vagrant instance.
+
+``bin/kitchen test``
+^^^^^^^^^^^^^^^^^^^^
+
+Runs all of the stages above in one go: i.e. ``destroy`` + ``converge`` + ``verify`` + ``destroy``.
+
+``bin/kitchen login``
+^^^^^^^^^^^^^^^^^^^^^
+
+Gives you RDP/SSH access to the instance for manual testing.
--- a/kitchen.vagrant.yml
+++ b/kitchen.vagrant.yml
@ -3,15 +3,36 @@
 ---
 driver:
  name: vagrant
+  cache_directory: false
+  customize:
+    usbxhci: 'off'
+  gui: false
+  ssh:
+    shell: /bin/sh
+  linked_clone: true
+  <% unless ENV['CI'] %>
+  synced_folders:
+    - - '.kitchen/kitchen-vagrant/%{instance_name}/vagrant'
+      - '/vagrant'
+      - 'create: true, disabled: false'
+  <% end %>

 platforms:
-  - name: freebsd-120-2019-2-py3
+  - name: freebsd-130-master-py3
    driver:
-      box_url: https://freebsd.z.vstack.com/FreeBSD-12.0.box
-      cache_directory: false
-      customize:
-        usbxhci: 'off'
-      gui: false
-      linked_clone: true
+      box: myii/freebsd-13.0-master-py3
+  - name: freebsd-123-master-py3
+    driver:
+      box: myii/freebsd-12.3-master-py3
+  - name: freebsd-130-3004-0-py3
+    driver:
+      box: myii/freebsd-13.0-3004.0-py3
+  - name: freebsd-123-3004-0-py3
+    driver:
+      box: myii/freebsd-12.3-3004.0-py3
+  - name: openbsd-70-3003-3-py3
+    driver:
+      box: myii/openbsd-7.0-3003.3-py3
      ssh:
-        shell: '/bin/sh'
+        shell: /bin/ksh
+      synced_folders: []
--- a/kitchen.yml
+++ b/kitchen.yml
@ -6,128 +6,7 @@ driver:
  name: docker
  use_sudo: false
  privileged: true
-  run_command: /lib/systemd/systemd
-
-# Make sure the platforms listed below match up with
-# the `env.matrix` instances defined in `.travis.yml`
-platforms:
-  ## SALT `master`
-  - name: debian-10-master-py3
-    driver:
-      image: saltimages/salt-master-py3:debian-10
-  - name: ubuntu-2004-master-py3
-    driver:
-      image: saltimages/salt-master-py3:ubuntu-20.04
-  - name: ubuntu-1804-master-py3
-    driver:
-      image: saltimages/salt-master-py3:ubuntu-18.04
-  - name: centos-8-master-py3
-    driver:
-      image: saltimages/salt-master-py3:centos-8
-  - name: fedora-32-master-py3
-    driver:
-      image: saltimages/salt-master-py3:fedora-32
-  - name: fedora-31-master-py3
-    driver:
-      image: saltimages/salt-master-py3:fedora-31
-  - name: opensuse-leap-152-master-py3
-    driver:
-      image: saltimages/salt-master-py3:opensuse-leap-15.2
-      run_command: /usr/lib/systemd/systemd
-    # Workaround to avoid intermittent failures on `opensuse-leap-15.2`:
-    # => SCP did not finish successfully (255):  (Net::SCP::Error)
-    transport:
-      max_ssh_sessions: 1
-  - name: amazonlinux-2-master-py3
-    driver:
-      image: saltimages/salt-master-py3:amazonlinux-2
-
-  ## SALT `3000.3`
-  - name: debian-10-3000-3-py3
-    driver:
-      image: saltimages/salt-3000.3-py3:debian-10
-  - name: debian-9-3000-3-py3
-    driver:
-      image: saltimages/salt-3000.3-py3:debian-9
-  - name: ubuntu-1804-3000-3-py3
-    driver:
-      image: saltimages/salt-3000.3-py3:ubuntu-18.04
-  - name: centos-8-3000-3-py3
-    driver:
-      image: saltimages/salt-3000.3-py3:centos-8
-  - name: centos-7-3000-3-py3
-    driver:
-      image: saltimages/salt-3000.3-py3:centos-7
-  - name: fedora-31-3000-3-py3
-    driver:
-      image: saltimages/salt-3000.3-py3:fedora-31
-  - name: opensuse-leap-152-3000-3-py3
-    driver:
-      image: saltimages/salt-3000.3-py3:opensuse-leap-15.2
-      run_command: /usr/lib/systemd/systemd
-    # Workaround to avoid intermittent failures on `opensuse-leap-15.2`:
-    # => SCP did not finish successfully (255):  (Net::SCP::Error)
-    transport:
-      max_ssh_sessions: 1
-  - name: amazonlinux-2-3000-3-py3
-    driver:
-      image: saltimages/salt-3000.3-py3:amazonlinux-2
-  - name: ubuntu-1804-3000-3-py2
-    driver:
-      image: saltimages/salt-3000.3-py2:ubuntu-18.04
-  - name: ubuntu-1604-3000-3-py2
-    driver:
-      image: saltimages/salt-3000.3-py2:ubuntu-16.04
-  - name: arch-base-latest-3000-3-py2
-    driver:
-      image: saltimages/salt-3000.3-py2:arch-base-latest
-      run_command: /usr/lib/systemd/systemd
-
-  ## SALT `2019.2`
-  - name: debian-10-2019-2-py3
-    driver:
-      image: saltimages/salt-2019.2-py3:debian-10
-  - name: debian-9-2019-2-py3
-    driver:
-      image: saltimages/salt-2019.2-py3:debian-9
-  - name: ubuntu-1804-2019-2-py3
-    driver:
-      image: saltimages/salt-2019.2-py3:ubuntu-18.04
-  - name: ubuntu-1604-2019-2-py3
-    driver:
-      image: saltimages/salt-2019.2-py3:ubuntu-16.04
-  - name: centos-8-2019-2-py3
-    driver:
-      image: saltimages/salt-2019.2-py3:centos-8
-  - name: centos-7-2019-2-py3
-    driver:
-      image: saltimages/salt-2019.2-py3:centos-7
-  - name: fedora-31-2019-2-py3
-    driver:
-      image: saltimages/salt-2019.2-py3:fedora-31
-  - name: opensuse-leap-152-2019-2-py3
-    driver:
-      image: saltimages/salt-2019.2-py3:opensuse-leap-15.2
-      run_command: /usr/lib/systemd/systemd
-    # Workaround to avoid intermittent failures on `opensuse-leap-15.2`:
-    # => SCP did not finish successfully (255):  (Net::SCP::Error)
-    transport:
-      max_ssh_sessions: 1
-  - name: amazonlinux-2-2019-2-py3
-    driver:
-      image: saltimages/salt-2019.2-py3:amazonlinux-2
-  - name: centos-6-2019-2-py2
-    driver:
-      image: saltimages/salt-2019.2-py2:centos-6
-      run_command: /sbin/init
-  - name: amazonlinux-1-2019-2-py2
-    driver:
-      image: saltimages/salt-2019.2-py2:amazonlinux-1
-      run_command: /sbin/init
-  - name: arch-base-latest-2019-2-py2
-    driver:
-      image: saltimages/salt-2019.2-py2:arch-base-latest
-      run_command: /usr/lib/systemd/systemd
+  run_command: /usr/lib/systemd/systemd

 provisioner:
  name: salt_solo
@ -139,18 +18,259 @@ provisioner:
    - .kitchen
    - .git

+platforms:
+  ## SALT `tiamat`
+  - name: debian-11-tiamat-py3
+    driver:
+      image: saltimages/salt-tiamat-py3:debian-11
+      run_command: /lib/systemd/systemd
+  - name: debian-10-tiamat-py3
+    driver:
+      image: saltimages/salt-tiamat-py3:debian-10
+      run_command: /lib/systemd/systemd
+  - name: debian-9-tiamat-py3
+    driver:
+      image: saltimages/salt-tiamat-py3:debian-9
+      run_command: /lib/systemd/systemd
+  - name: ubuntu-2204-tiamat-py3
+    driver:
+      image: saltimages/salt-tiamat-py3:ubuntu-22.04
+      run_command: /lib/systemd/systemd
+  - name: ubuntu-2004-tiamat-py3
+    driver:
+      image: saltimages/salt-tiamat-py3:ubuntu-20.04
+      run_command: /lib/systemd/systemd
+  - name: ubuntu-1804-tiamat-py3
+    driver:
+      image: saltimages/salt-tiamat-py3:ubuntu-18.04
+      run_command: /lib/systemd/systemd
+  - name: centos-stream8-tiamat-py3
+    driver:
+      image: saltimages/salt-tiamat-py3:centos-stream8
+  - name: centos-7-tiamat-py3
+    driver:
+      image: saltimages/salt-tiamat-py3:centos-7
+  - name: amazonlinux-2-tiamat-py3
+    driver:
+      image: saltimages/salt-tiamat-py3:amazonlinux-2
+  - name: oraclelinux-8-tiamat-py3
+    driver:
+      image: saltimages/salt-tiamat-py3:oraclelinux-8
+  - name: oraclelinux-7-tiamat-py3
+    driver:
+      image: saltimages/salt-tiamat-py3:oraclelinux-7
+  - name: almalinux-8-tiamat-py3
+    driver:
+      image: saltimages/salt-tiamat-py3:almalinux-8
+  - name: rockylinux-8-tiamat-py3
+    driver:
+      image: saltimages/salt-tiamat-py3:rockylinux-8
+
+  ## SALT `master`
+  - name: debian-11-master-py3
+    driver:
+      image: saltimages/salt-master-py3:debian-11
+      run_command: /lib/systemd/systemd
+  - name: debian-10-master-py3
+    driver:
+      image: saltimages/salt-master-py3:debian-10
+      run_command: /lib/systemd/systemd
+  - name: debian-9-master-py3
+    driver:
+      image: saltimages/salt-master-py3:debian-9
+      run_command: /lib/systemd/systemd
+  - name: ubuntu-2204-master-py3
+    driver:
+      image: saltimages/salt-master-py3:ubuntu-22.04
+      run_command: /lib/systemd/systemd
+  - name: ubuntu-2004-master-py3
+    driver:
+      image: saltimages/salt-master-py3:ubuntu-20.04
+      run_command: /lib/systemd/systemd
+  - name: ubuntu-1804-master-py3
+    driver:
+      image: saltimages/salt-master-py3:ubuntu-18.04
+      run_command: /lib/systemd/systemd
+  - name: centos-stream8-master-py3
+    driver:
+      image: saltimages/salt-master-py3:centos-stream8
+  - name: centos-7-master-py3
+    driver:
+      image: saltimages/salt-master-py3:centos-7
+  - name: fedora-36-master-py3
+    driver:
+      image: saltimages/salt-master-py3:fedora-36
+  - name: fedora-35-master-py3
+    driver:
+      image: saltimages/salt-master-py3:fedora-35
+  - name: opensuse-leap-153-master-py3
+    driver:
+      image: saltimages/salt-master-py3:opensuse-leap-15.3
+    # Workaround to avoid intermittent failures on `opensuse-leap-15.3`:
+    # => SCP did not finish successfully (255):  (Net::SCP::Error)
+    transport:
+      max_ssh_sessions: 1
+  - name: opensuse-tmbl-latest-master-py3
+    driver:
+      image: saltimages/salt-master-py3:opensuse-tumbleweed-latest
+    # Workaround to avoid intermittent failures on `opensuse-tumbleweed`:
+    # => SCP did not finish successfully (255):  (Net::SCP::Error)
+    transport:
+      max_ssh_sessions: 1
+  - name: amazonlinux-2-master-py3
+    driver:
+      image: saltimages/salt-master-py3:amazonlinux-2
+  - name: oraclelinux-8-master-py3
+    driver:
+      image: saltimages/salt-master-py3:oraclelinux-8
+  - name: oraclelinux-7-master-py3
+    driver:
+      image: saltimages/salt-master-py3:oraclelinux-7
+  - name: arch-base-latest-master-py3
+    driver:
+      image: saltimages/salt-master-py3:arch-base-latest
+  - name: gentoo-stage3-latest-master-py3
+    driver:
+      image: saltimages/salt-master-py3:gentoo-stage3-latest
+      run_command: /sbin/init
+  - name: gentoo-stage3-systemd-master-py3
+    driver:
+      image: saltimages/salt-master-py3:gentoo-stage3-systemd
+  - name: almalinux-8-master-py3
+    driver:
+      image: saltimages/salt-master-py3:almalinux-8
+  - name: rockylinux-8-master-py3
+    driver:
+      image: saltimages/salt-master-py3:rockylinux-8
+
+  ## SALT `3004.1`
+  - name: debian-11-3004-1-py3
+    driver:
+      image: saltimages/salt-3004.1-py3:debian-11
+      run_command: /lib/systemd/systemd
+  - name: debian-10-3004-1-py3
+    driver:
+      image: saltimages/salt-3004.1-py3:debian-10
+      run_command: /lib/systemd/systemd
+  - name: debian-9-3004-1-py3
+    driver:
+      image: saltimages/salt-3004.1-py3:debian-9
+      run_command: /lib/systemd/systemd
+  - name: ubuntu-2204-3004-1-py3
+    driver:
+      image: saltimages/salt-3004.1-py3:ubuntu-22.04
+      run_command: /lib/systemd/systemd
+  - name: ubuntu-2004-3004-1-py3
+    driver:
+      image: saltimages/salt-3004.1-py3:ubuntu-20.04
+      run_command: /lib/systemd/systemd
+  - name: ubuntu-1804-3004-1-py3
+    driver:
+      image: saltimages/salt-3004.1-py3:ubuntu-18.04
+      run_command: /lib/systemd/systemd
+  - name: centos-stream8-3004-1-py3
+    driver:
+      image: saltimages/salt-3004.1-py3:centos-stream8
+  - name: centos-7-3004-1-py3
+    driver:
+      image: saltimages/salt-3004.1-py3:centos-7
+  - name: fedora-36-3004-1-py3
+    driver:
+      image: saltimages/salt-3004.1-py3:fedora-36
+  - name: fedora-35-3004-1-py3
+    driver:
+      image: saltimages/salt-3004.1-py3:fedora-35
+  - name: amazonlinux-2-3004-1-py3
+    driver:
+      image: saltimages/salt-3004.1-py3:amazonlinux-2
+  - name: oraclelinux-8-3004-1-py3
+    driver:
+      image: saltimages/salt-3004.1-py3:oraclelinux-8
+  - name: oraclelinux-7-3004-1-py3
+    driver:
+      image: saltimages/salt-3004.1-py3:oraclelinux-7
+  - name: arch-base-latest-3004-1-py3
+    driver:
+      image: saltimages/salt-3004.1-py3:arch-base-latest
+  - name: gentoo-stage3-latest-3004-1-py3
+    driver:
+      image: saltimages/salt-3004.1-py3:gentoo-stage3-latest
+      run_command: /sbin/init
+  - name: gentoo-stage3-systemd-3004-1-py3
+    driver:
+      image: saltimages/salt-3004.1-py3:gentoo-stage3-systemd
+  - name: almalinux-8-3004-1-py3
+    driver:
+      image: saltimages/salt-3004.1-py3:almalinux-8
+  - name: rockylinux-8-3004-1-py3
+    driver:
+      image: saltimages/salt-3004.1-py3:rockylinux-8
+
+  ## SALT `3004.0`
+  - name: opensuse-leap-153-3004-0-py3
+    driver:
+      image: saltimages/salt-3004.0-py3:opensuse-leap-15.3
+    # Workaround to avoid intermittent failures on `opensuse-leap-15.3`:
+    # => SCP did not finish successfully (255):  (Net::SCP::Error)
+    transport:
+      max_ssh_sessions: 1
+  - name: opensuse-tmbl-latest-3004-0-py3
+    driver:
+      image: saltimages/salt-3004.0-py3:opensuse-tumbleweed-latest
+    # Workaround to avoid intermittent failures on `opensuse-tumbleweed`:
+    # => SCP did not finish successfully (255):  (Net::SCP::Error)
+    transport:
+      max_ssh_sessions: 1
+
+  ## SALT `3003.4`
+  - name: debian-10-3003-4-py3
+    driver:
+      image: saltimages/salt-3003.4-py3:debian-10
+      run_command: /lib/systemd/systemd
+  - name: debian-9-3003-4-py3
+    driver:
+      image: saltimages/salt-3003.4-py3:debian-9
+      run_command: /lib/systemd/systemd
+  - name: ubuntu-2004-3003-4-py3
+    driver:
+      image: saltimages/salt-3003.4-py3:ubuntu-20.04
+      run_command: /lib/systemd/systemd
+  - name: ubuntu-1804-3003-4-py3
+    driver:
+      image: saltimages/salt-3003.4-py3:ubuntu-18.04
+      run_command: /lib/systemd/systemd
+  - name: centos-stream8-3003-4-py3
+    driver:
+      image: saltimages/salt-3003.4-py3:centos-stream8
+  - name: centos-7-3003-4-py3
+    driver:
+      image: saltimages/salt-3003.4-py3:centos-7
+  - name: amazonlinux-2-3003-4-py3
+    driver:
+      image: saltimages/salt-3003.4-py3:amazonlinux-2
+  - name: oraclelinux-8-3003-4-py3
+    driver:
+      image: saltimages/salt-3003.4-py3:oraclelinux-8
+  - name: oraclelinux-7-3003-4-py3
+    driver:
+      image: saltimages/salt-3003.4-py3:oraclelinux-7
+  - name: almalinux-8-3003-4-py3
+    driver:
+      image: saltimages/salt-3003.4-py3:almalinux-8
+
 verifier:
  # https://www.inspec.io/
  name: inspec
  sudo: true
-  # cli, documentation, html, progress, json, json-min, json-rspec, junit
  reporter:
+    # cli, documentation, html, progress, json, json-min, json-rspec, junit
    - cli

 suites:
  - name: default
    driver:
      hostname: example.net
+      vm_hostname: example.net
    provisioner:
      state_top:
        base:
--- a/openssh/known_hosts.sls
+++ b/openssh/known_hosts.sls
@ -3,9 +3,13 @@
 {%- from tplroot ~ "/libtofs.jinja" import files_switch %}
 {%- set openssh = mapdata.openssh %}

+{%- if openssh.dig_pkg %}
 ensure dig is available:
  pkg.installed:
    - name: {{ openssh.dig_pkg }}
+    - require_in:
+      - file: manage ssh_known_hosts file
+{%- endif %}

 manage ssh_known_hosts file:
  file.managed:
@ -19,5 +23,3 @@ manage ssh_known_hosts file:
    - user: root
    - group: {{ openssh.ssh_config_group }}
    - mode: 644
-    - require:
-      - pkg: ensure dig is available
--- a/openssh/libmapstack.jinja
+++ b/openssh/libmapstack.jinja
@ -3,7 +3,7 @@

 {#- Get the `tplroot` from `tpldir` #}
 {%- set tplroot = tpldir.split("/")[0] %}
-{%- from tplroot ~ "/libmatchers.jinja" import parse_matchers, query_map %}
+{%- from tplroot ~ "/libmatchers.jinja" import parse_matchers, query_map with context %}

 {%- set _default_config_dirs = [
      "parameters/",
@ -95,8 +95,10 @@
 {%-   set stack = defaults | default({"values": {} }, boolean=True) %}

 {#-   Build configuration file names based on matchers #}
+{%-   set config_get_strategy = salt["config.get"](tplroot ~ ":strategy", None) %}
 {%-   set matchers = parse_matchers(
        matchers,
+        config_get_strategy=config_get_strategy,
        log_prefix=log_prefix
      )
      | load_yaml %}
@ -179,7 +181,7 @@
 {#-         Load YAML file matching the grain/pillar/... #}
 {#-         Fallback to use the source name as a direct filename #}

-{%-         if matcher.value | length == 0 %}
+{%-         if matcher.value is sequence and matcher.value | length == 0 %}
 {#-           Mangle `matcher.value` to use it as literal path #}
 {%-           set query_parts = matcher.query.split("/") %}
 {%-           set yaml_dirname = query_parts[0:-1] | join("/") %}
@ -192,8 +194,26 @@
 {#-         Some configuration return list #}
 {%-         if yaml_names is string %}
 {%-           set yaml_names = [yaml_names] %}
+{%-         elif yaml_names is sequence %}
+{#-           Convert to strings if it's a sequence of numbers #}
+{%-           set yaml_names = yaml_names | map("string") | list %}
+{%-         else %}
+{%-           set yaml_names = [yaml_names | string] %}
 {%-         endif %}

+{#-         Try to load a `.yaml.jinja` file for each `.yaml` file #}
+{%-         set all_yaml_names = [] %}
+{%-         for name in yaml_names %}
+{%-           set extension = name.rpartition(".")[2] %}
+{%-           if extension not in ["yaml", "jinja"] %}
+{%-             do all_yaml_names.extend([name ~ ".yaml", name ~ ".yaml.jinja"]) %}
+{%-           elif extension == "yaml" %}
+{%-             do all_yaml_names.extend([name, name ~ ".jinja"]) %}
+{%-           else %}
+{%-             do all_yaml_names.append(name) %}
+{%-           endif %}
+{%-         endfor %}
+
 {#-         `yaml_dirname` can be an empty string with literal path like `myconf.yaml` #}
 {%-         set yaml_dir = [
              param_dir,
@ -202,15 +222,10 @@
            | select
            | join("/") %}

-{%-         for yaml_name in yaml_names %}
-{#-           Make sure to have a `.yaml` extension #}
-{#-           Use `.rpartition` to strip last `.yaml` in `dir.yaml/file.yaml` #}
+{%-         for yaml_name in all_yaml_names %}
 {%-           set yaml_filename = [
                yaml_dir.rstrip("/"),
-                yaml_name.rpartition(".yaml")
-                | reject("equalto", ".yaml")
-                | join
-                ~ ".yaml"
+                yaml_name
              ]
              | select
              | join("/") %}
@ -228,7 +243,7 @@
 {%-             do salt["log.debug"](
                  log_prefix
                  ~ "loaded configuration values from "
-                  ~ yaml_name
+                  ~ yaml_filename
                  ~ ":\n"
                  ~ yaml_values
                  | yaml(False)
@ -271,7 +286,7 @@
 {%-             do salt["log.debug"](
                  log_prefix
                  ~ "merged configuration values from "
-                  ~ yaml_name
+                  ~ yaml_filename
                  ~ ", merge: strategy='"
                  ~ strategy
                  ~ "', merge_lists='"
--- a/openssh/libmatchers.jinja
+++ b/openssh/libmatchers.jinja
@ -3,7 +3,7 @@

 {#- Get the `tplroot` from `tpldir` #}
 {%- set tplroot = tpldir.split("/")[0] %}
-{%- from tplroot ~ "/libsaltcli.jinja" import cli %}
+{%- from tplroot ~ "/libsaltcli.jinja" import cli with context %}

 {%- set query_map = {
      "C": "config.get",
@ -12,11 +12,11 @@
    } %}

 {#- When no part before `@` is provided: #}
-{#-   - define a filename path, noted `F` #}
+{#-   - define a YAML file path, noted `Y` #}
 {#-   - use `salt["config.get"]`, noted `C` #}
 {#-   - use colon `:` delimiter for querying #}
 {%- set _defaults = {
-      "type": "F",
+      "type": "Y",
      "query_type": "C",
      "query_delimiter": ":"
    } %}
@ -28,11 +28,11 @@
    ) %}
 {#-   matcher format is `[<TYPE>[:<OPTION>[:DELIMITER]]@]<KEY>` #}
 {#-   each matcher has a type: #}
-{#-   - `F` to build a file name (the default when no type is set) #}
+{#-   - `Y` to build a YAML file name (the default when no type is set) #}
 {#-   - `C` to lookup values with `config.get` #}
 {#-   - `G` to lookup values with `grains.get` #}
 {#-   - `I` to lookup values with `pillar.get` #}
-{#-   The `FILE` type option can define query type to build the file name: #}
+{#-   The `YAML` type option can define query type to build the file name: #}
 {#-   - `C` for query with `config.get` (the default when to query type is set) #}
 {#-   - `G` for query with `grains.get` #}
 {#-   - `I` for query with `pillar.get` #}
@ -162,7 +162,7 @@
 {%-     endif %}

 {#-     Add `merge:` option to `salt["config.get"]` if configured #}
-{%-     if cli in ["minion", "local"] and parsed.query_method == "config.get" and config_get_strategy %}
+{%-     if cli not in ["ssh", "unknown"] and parsed.query_method == "config.get" and config_get_strategy %}
 {%-       set query_opts = {
            "merge": config_get_strategy,
            "delimiter": parsed.query_delimiter,
@ -175,8 +175,8 @@
            ~ "'"
          ) %}
 {%-     else %}
-{%-       if cli not in ["minion", "local"] %}
-{%-         do salt["log.error"](
+{%-       if cli in ["ssh", "unknown"] %}
+{%-         do salt["log.warning"](
              log_prefix
              ~ "the 'delimiter' and 'merge' options of 'config.get' are skipped when the salt command type is '"
              ~ cli
--- a/openssh/libsaltcli.jinja
+++ b/openssh/libsaltcli.jinja
@ -1,5 +1,5 @@
-# -*- coding: utf-8 -*-
-# vim: ft=jinja
+{#- -*- coding: utf-8 -*- #}
+{#- vim: ft=jinja #}

 {#- Get the relevant values from the `opts` dict #}
 {%- set opts_cli = opts.get('__cli', '') %}
@ -10,6 +10,8 @@
 {%-   set cli = 'minion' %}
 {%- elif opts_cli == 'salt-call' %}
 {%-   set cli = 'ssh' if opts_masteropts_cli in ('salt-ssh', 'salt-master') else 'local' %}
+{%- elif opts_cli %}
+{%-   set cli = 'api' %}
 {%- else %}
 {%-   set cli = 'unknown' %}
 {%- endif %}
--- a/openssh/map.jinja
+++ b/openssh/map.jinja
@ -1,9 +1,9 @@
-# -*- coding: utf-8 -*-
-# vim: ft=jinja
+{#- -*- coding: utf-8 -*- #}
+{#- vim: ft=jinja #}

 {#- Get the `tplroot` from `tpldir` #}
 {%- set tplroot = tpldir.split("/")[0] %}
-{%- from tplroot ~ "/libmapstack.jinja" import mapstack %}
+{%- from tplroot ~ "/libmapstack.jinja" import mapstack with context %}

 {#- Where to lookup parameters source files #}
 {%- set formula_param_dir = tplroot ~ "/parameters" %}
@ -38,6 +38,7 @@

 {#- Load formula parameters values #}
 {%- set _formula_matchers = ["defaults.yaml"] + map_sources %}
+
 {%- set _formula_settings = mapstack(
      matchers=_formula_matchers,
      dirs=[formula_param_dir],
@ -59,3 +60,7 @@

 {%- do salt["log.debug"]("map.jinja: save parameters in variable 'mapdata'") %}
 {%- set mapdata = _formula_settings["values"] %}
+
+{#- Per formula post-processing of `mapdata` if it exists #}
+{%- do salt["log.debug"]("map.jinja: post-processing of 'mapdata'") %}
+{%- include tplroot ~ "/post-map.jinja" ignore missing %}
--- a/openssh/parameters/os_family/OpenBSD.yaml
+++ b/openssh/parameters/os_family/OpenBSD.yaml
@ -12,6 +12,8 @@
 values:
  openssh:
    service: sshd
+    # Already installed: `base68:/usr/bin/dig`
+    dig_pkg: ~
    sshd_config_group: wheel
    ssh_config_group: wheel
  sshd_config:
--- a/pre-commit_semantic-release.sh
+++ b/pre-commit_semantic-release.sh
@ -7,16 +7,16 @@ sed -i -e "s_^\(version:\).*_\1 ${1}_" FORMULA


 ###############################################################################
-# (B) Use `m2r` to convert automatically produced `.md` docs to `.rst`
+# (B) Use `m2r2` to convert automatically produced `.md` docs to `.rst`
 ###############################################################################

-# Install `m2r`
-pip3 install m2r
+# Install `m2r2`
+pip3 install m2r2

 # Copy and then convert the `.md` docs
 cp ./*.md docs/
 cd docs/ || exit
-m2r --overwrite ./*.md
+m2r2 --overwrite ./*.md

 # Change excess `H1` headings to `H2` in converted `CHANGELOG.rst`
 sed -i -e '/^=.*$/s/=/-/g' CHANGELOG.rst
--- a/test/integration/default/controls/_mapdata_spec.rb
+++ b/test/integration/default/controls/_mapdata_spec.rb
@ -2,8 +2,8 @@

 require 'yaml'

-control '`map.jinja` YAML dump' do
-  title 'should match the comparison file'
+control 'openssh._mapdata' do
+  title '`map.jinja` should match the reference file'

  ### Method
  # The steps below for each file appear convoluted but they are both required
@ -23,7 +23,7 @@ control '`map.jinja` YAML dump' do
  mapdata_file_path = "_mapdata/#{platform_finger}.yaml"
  # Load the mapdata from profile, into a YAML structure
  # https://docs.chef.io/inspec/profiles/#profile-files
-  mapdata_file_yaml = YAML.safe_load(inspec.profile.file(mapdata_file_path))
+  mapdata_file_yaml = YAML.load(inspec.profile.file(mapdata_file_path))
  # Dump the YAML back into a string for comparison
  mapdata_file_dump = YAML.dump(mapdata_file_yaml)

--- a/test/integration/default/controls/config_spec.rb
+++ b/test/integration/default/controls/config_spec.rb
@ -27,7 +27,9 @@ control 'openssh configuration' do
    its('content') { should include 'PrintMotd no' }
    its('content') { should include 'AcceptEnv LANG LC_*' }
    its('content') { should include 'Subsystem sftp /usr/lib/openssh/sftp-server' }
-    its('content') { should include 'UsePAM yes' }
+    unless %w[openbsd].include?(platform[:name])
+      its('content') { should include 'UsePAM yes' }
+    end
  end

  describe file('/etc/ssh/ssh_config') do
@ -45,7 +47,7 @@ control 'openssh configuration' do
    it { should be_file }
    its('mode') { should cmp '0644' }
    it { should be_owned_by 'root' }
-    it { should be_grouped_into 'root' }
+    it { should be_grouped_into root_group }
    its('content') { should include github_known_host }
    its('content') { should match(gitlab_known_host_re) }
    its('content') { should include minion_rsa_known_host }
--- a/test/integration/default/files/_mapdata/almalinux-8.yaml
+++ b/test/integration/default/files/_mapdata/almalinux-8.yaml
@ -0,0 +1,185 @@
+# yamllint disable rule:indentation rule:line-length
+# AlmaLinux-8
+---
+values:
+  map_jinja:
+    sources:
+    - Y:G@osarch
+    - Y:G@os_family
+    - Y:G@os
+    - Y:G@osfinger
+    - C:SUB@openssh:lookup
+    - C:SUB@openssh
+    - C:SUB@sshd_config:lookup
+    - C:SUB@sshd_config
+    - C:SUB@ssh_config:lookup
+    - C:SUB@ssh_config
+    - Y:G@id
+  openssh:
+    absent_dsa_keys: false
+    absent_ecdsa_keys: false
+    absent_ed25519_keys: false
+    absent_rsa_keys: false
+    auth:
+      joe-non-valid-ssh-key:
+      - comment: obsolete key - removed
+        enc: ssh-rsa
+        present: false
+        source: salt://ssh_keys/joe.no-valid.pub
+        user: joe
+      joe-valid-ssh-key-desktop:
+      - comment: main key - desktop
+        enc: ssh-rsa
+        present: true
+        source: salt://ssh_keys/joe.desktop.pub
+        user: joe
+      joe-valid-ssh-key-notebook:
+      - comment: main key - notebook
+        enc: ssh-rsa
+        present: true
+        source: salt://ssh_keys/joe.netbook.pub
+        user: joe
+    auth_map:
+      personal_keys:
+        source: salt://ssh_keys
+        users:
+          joe:
+            joe.desktop: {}
+            joe.netbook:
+              options: []
+            joe.no-valid:
+              present: false
+    banner: /etc/ssh/banner
+    banner_src: banner
+    banner_string: 'Welcome to example.net!
+  '
+    client: openssh-clients
+    client_version: latest
+    dig_pkg: bind-utils
+    dsa:
+      private_key: '-----BEGIN DSA PRIVATE KEY-----
+
+        NOT_DEFINED
+
+        -----END DSA PRIVATE KEY-----
+  '
+      public_key: 'ssh-dss NOT_DEFINED
+  '
+    ecdsa:
+      private_key: '-----BEGIN EC PRIVATE KEY-----
+
+        NOT_DEFINED
+
+        -----END EC PRIVATE KEY-----
+  '
+      public_key: 'ecdsa-sha2-nistp256 NOT_DEFINED
+  '
+    ed25519:
+      private_key: '-----BEGIN OPENSSH PRIVATE KEY-----
+
+        NOT_DEFINED
+
+        -----END OPENSSH PRIVATE KEY-----
+  '
+      public_key: 'ssh-ed25519 NOT_DEFINED
+  '
+    enforce_rsa_size: false
+    generate_dsa_keys: false
+    generate_ecdsa_keys: false
+    generate_ed25519_keys: false
+    generate_rsa_keys: false
+    generate_rsa_size: 4096
+    host_key_algos: ecdsa,ed25519,rsa
+    known_hosts:
+      aliases:
+      - cname-to-minion.example.org
+      - alias.example.org
+      hostnames: false
+      include_localhost: false
+      mine_hostname_function: public_ssh_hostname
+      mine_keys_function: public_ssh_host_keys
+      omit_ip_address:
+      - github.com
+      salt_ssh:
+        public_ssh_host_keys:
+          minion.id: 'ssh-rsa [...]
+
+            ssh-ed25519 [...]
+  '
+        public_ssh_host_names:
+          minion.id:
+          - minion.id
+          - alias.of.minion.id
+        user: salt-master
+      static:
+        github.com: ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGm[...]
+        gitlab.com: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCsj2bN[...]
+      target: '*'
+      tgt_type: glob
+    moduli: '# Time Type Tests Tries Size Generator Modulus
+
+      20120821045639 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C604293680B09D63
+
+      20120821045830 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C6042936814C2FFB
+
+      20120821050046 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368214FC53
+
+      20120821050054 2 6 100 2047 5 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368218E83F
+  '
+    provide_dsa_keys: false
+    provide_ecdsa_keys: false
+    provide_ed25519_keys: false
+    provide_rsa_keys: false
+    root_group: root
+    rsa:
+      private_key: '-----BEGIN RSA PRIVATE KEY-----
+
+        NOT_DEFINED
+
+        -----END RSA PRIVATE KEY-----
+  '
+      public_key: 'ssh-rsa NOT_DEFINED
+  '
+    server: openssh-server
+    server_version: latest
+    service: sshd
+    ssh_config: /etc/ssh/ssh_config
+    ssh_config_backup: true
+    ssh_config_group: root
+    ssh_config_mode: '644'
+    ssh_config_src: ssh_config
+    ssh_config_user: root
+    ssh_known_hosts: /etc/ssh/ssh_known_hosts
+    ssh_known_hosts_src: ssh_known_hosts
+    ssh_moduli: /etc/ssh/moduli
+    sshd_binary: /usr/sbin/sshd
+    sshd_config: /etc/ssh/sshd_config
+    sshd_config_backup: true
+    sshd_config_group: root
+    sshd_config_mode: '644'
+    sshd_config_src: sshd_config
+    sshd_config_user: root
+    sshd_enable: true
+    tofs:
+      source_files:
+        manage ssh_known_hosts file:
+        - alt_ssh_known_hosts
+        ssh_config:
+        - alt_ssh_config
+        sshd_banner:
+        - fire_banner
+        sshd_config:
+        - alt_sshd_config
+  ssh_config:
+    Hosts:
+      '*':
+        GSSAPIAuthentication: 'yes'
+        HashKnownHosts: 'yes'
+        SendEnv: LANG LC_*
+  sshd_config:
+    AcceptEnv: LANG LC_*
+    ChallengeResponseAuthentication: 'no'
+    PrintMotd: 'no'
+    Subsystem: sftp /usr/lib/openssh/sftp-server
+    UsePAM: 'yes'
+    X11Forwarding: 'yes'
--- a/test/integration/default/files/_mapdata/arch-base-latest.yaml
+++ b/test/integration/default/files/_mapdata/arch-base-latest.yaml
@ -180,6 +180,7 @@ values:
    AcceptEnv: LANG LC_*
    ChallengeResponseAuthentication: 'no'
    PrintMotd: 'no'
+    PubkeyAcceptedAlgorithms: "+ssh-rsa"
    Subsystem: sftp /usr/lib/openssh/sftp-server
    UsePAM: 'yes'
    X11Forwarding: 'yes'
--- a/test/integration/default/files/_mapdata/debian-11.yaml
+++ b/test/integration/default/files/_mapdata/debian-11.yaml
@ -0,0 +1,185 @@
+# yamllint disable rule:indentation rule:line-length
+# Debian-11
+---
+values:
+  map_jinja:
+    sources:
+    - Y:G@osarch
+    - Y:G@os_family
+    - Y:G@os
+    - Y:G@osfinger
+    - C:SUB@openssh:lookup
+    - C:SUB@openssh
+    - C:SUB@sshd_config:lookup
+    - C:SUB@sshd_config
+    - C:SUB@ssh_config:lookup
+    - C:SUB@ssh_config
+    - Y:G@id
+  openssh:
+    absent_dsa_keys: false
+    absent_ecdsa_keys: false
+    absent_ed25519_keys: false
+    absent_rsa_keys: false
+    auth:
+      joe-non-valid-ssh-key:
+      - comment: obsolete key - removed
+        enc: ssh-rsa
+        present: false
+        source: salt://ssh_keys/joe.no-valid.pub
+        user: joe
+      joe-valid-ssh-key-desktop:
+      - comment: main key - desktop
+        enc: ssh-rsa
+        present: true
+        source: salt://ssh_keys/joe.desktop.pub
+        user: joe
+      joe-valid-ssh-key-notebook:
+      - comment: main key - notebook
+        enc: ssh-rsa
+        present: true
+        source: salt://ssh_keys/joe.netbook.pub
+        user: joe
+    auth_map:
+      personal_keys:
+        source: salt://ssh_keys
+        users:
+          joe:
+            joe.desktop: {}
+            joe.netbook:
+              options: []
+            joe.no-valid:
+              present: false
+    banner: /etc/ssh/banner
+    banner_src: banner
+    banner_string: 'Welcome to example.net!
+  '
+    client: openssh-client
+    client_version: latest
+    dig_pkg: dnsutils
+    dsa:
+      private_key: '-----BEGIN DSA PRIVATE KEY-----
+
+        NOT_DEFINED
+
+        -----END DSA PRIVATE KEY-----
+  '
+      public_key: 'ssh-dss NOT_DEFINED
+  '
+    ecdsa:
+      private_key: '-----BEGIN EC PRIVATE KEY-----
+
+        NOT_DEFINED
+
+        -----END EC PRIVATE KEY-----
+  '
+      public_key: 'ecdsa-sha2-nistp256 NOT_DEFINED
+  '
+    ed25519:
+      private_key: '-----BEGIN OPENSSH PRIVATE KEY-----
+
+        NOT_DEFINED
+
+        -----END OPENSSH PRIVATE KEY-----
+  '
+      public_key: 'ssh-ed25519 NOT_DEFINED
+  '
+    enforce_rsa_size: false
+    generate_dsa_keys: false
+    generate_ecdsa_keys: false
+    generate_ed25519_keys: false
+    generate_rsa_keys: false
+    generate_rsa_size: 4096
+    host_key_algos: ecdsa,ed25519,rsa
+    known_hosts:
+      aliases:
+      - cname-to-minion.example.org
+      - alias.example.org
+      hostnames: false
+      include_localhost: false
+      mine_hostname_function: public_ssh_hostname
+      mine_keys_function: public_ssh_host_keys
+      omit_ip_address:
+      - github.com
+      salt_ssh:
+        public_ssh_host_keys:
+          minion.id: 'ssh-rsa [...]
+
+            ssh-ed25519 [...]
+  '
+        public_ssh_host_names:
+          minion.id:
+          - minion.id
+          - alias.of.minion.id
+        user: salt-master
+      static:
+        github.com: ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGm[...]
+        gitlab.com: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCsj2bN[...]
+      target: '*'
+      tgt_type: glob
+    moduli: '# Time Type Tests Tries Size Generator Modulus
+
+      20120821045639 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C604293680B09D63
+
+      20120821045830 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C6042936814C2FFB
+
+      20120821050046 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368214FC53
+
+      20120821050054 2 6 100 2047 5 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368218E83F
+  '
+    provide_dsa_keys: false
+    provide_ecdsa_keys: false
+    provide_ed25519_keys: false
+    provide_rsa_keys: false
+    root_group: root
+    rsa:
+      private_key: '-----BEGIN RSA PRIVATE KEY-----
+
+        NOT_DEFINED
+
+        -----END RSA PRIVATE KEY-----
+  '
+      public_key: 'ssh-rsa NOT_DEFINED
+  '
+    server: openssh-server
+    server_version: latest
+    service: ssh
+    ssh_config: /etc/ssh/ssh_config
+    ssh_config_backup: true
+    ssh_config_group: root
+    ssh_config_mode: '644'
+    ssh_config_src: ssh_config
+    ssh_config_user: root
+    ssh_known_hosts: /etc/ssh/ssh_known_hosts
+    ssh_known_hosts_src: ssh_known_hosts
+    ssh_moduli: /etc/ssh/moduli
+    sshd_binary: /usr/sbin/sshd
+    sshd_config: /etc/ssh/sshd_config
+    sshd_config_backup: true
+    sshd_config_group: root
+    sshd_config_mode: '644'
+    sshd_config_src: sshd_config
+    sshd_config_user: root
+    sshd_enable: true
+    tofs:
+      source_files:
+        manage ssh_known_hosts file:
+        - alt_ssh_known_hosts
+        ssh_config:
+        - alt_ssh_config
+        sshd_banner:
+        - fire_banner
+        sshd_config:
+        - alt_sshd_config
+  ssh_config:
+    Hosts:
+      '*':
+        GSSAPIAuthentication: 'yes'
+        HashKnownHosts: 'yes'
+        SendEnv: LANG LC_*
+  sshd_config:
+    AcceptEnv: LANG LC_*
+    ChallengeResponseAuthentication: 'no'
+    PrintMotd: 'no'
+    Subsystem: sftp /usr/lib/openssh/sftp-server
+    UsePAM: 'yes'
+    X11Forwarding: 'yes'
--- a/test/integration/default/files/_mapdata/fedora-33.yaml
+++ b/test/integration/default/files/_mapdata/fedora-33.yaml
@ -0,0 +1,185 @@
+# yamllint disable rule:indentation rule:line-length
+# Fedora-33
+---
+values:
+  map_jinja:
+    sources:
+    - Y:G@osarch
+    - Y:G@os_family
+    - Y:G@os
+    - Y:G@osfinger
+    - C:SUB@openssh:lookup
+    - C:SUB@openssh
+    - C:SUB@sshd_config:lookup
+    - C:SUB@sshd_config
+    - C:SUB@ssh_config:lookup
+    - C:SUB@ssh_config
+    - Y:G@id
+  openssh:
+    absent_dsa_keys: false
+    absent_ecdsa_keys: false
+    absent_ed25519_keys: false
+    absent_rsa_keys: false
+    auth:
+      joe-non-valid-ssh-key:
+      - comment: obsolete key - removed
+        enc: ssh-rsa
+        present: false
+        source: salt://ssh_keys/joe.no-valid.pub
+        user: joe
+      joe-valid-ssh-key-desktop:
+      - comment: main key - desktop
+        enc: ssh-rsa
+        present: true
+        source: salt://ssh_keys/joe.desktop.pub
+        user: joe
+      joe-valid-ssh-key-notebook:
+      - comment: main key - notebook
+        enc: ssh-rsa
+        present: true
+        source: salt://ssh_keys/joe.netbook.pub
+        user: joe
+    auth_map:
+      personal_keys:
+        source: salt://ssh_keys
+        users:
+          joe:
+            joe.desktop: {}
+            joe.netbook:
+              options: []
+            joe.no-valid:
+              present: false
+    banner: /etc/ssh/banner
+    banner_src: banner
+    banner_string: 'Welcome to example.net!
+  '
+    client: openssh-clients
+    client_version: latest
+    dig_pkg: bind-utils
+    dsa:
+      private_key: '-----BEGIN DSA PRIVATE KEY-----
+
+        NOT_DEFINED
+
+        -----END DSA PRIVATE KEY-----
+  '
+      public_key: 'ssh-dss NOT_DEFINED
+  '
+    ecdsa:
+      private_key: '-----BEGIN EC PRIVATE KEY-----
+
+        NOT_DEFINED
+
+        -----END EC PRIVATE KEY-----
+  '
+      public_key: 'ecdsa-sha2-nistp256 NOT_DEFINED
+  '
+    ed25519:
+      private_key: '-----BEGIN OPENSSH PRIVATE KEY-----
+
+        NOT_DEFINED
+
+        -----END OPENSSH PRIVATE KEY-----
+  '
+      public_key: 'ssh-ed25519 NOT_DEFINED
+  '
+    enforce_rsa_size: false
+    generate_dsa_keys: false
+    generate_ecdsa_keys: false
+    generate_ed25519_keys: false
+    generate_rsa_keys: false
+    generate_rsa_size: 4096
+    host_key_algos: ecdsa,ed25519,rsa
+    known_hosts:
+      aliases:
+      - cname-to-minion.example.org
+      - alias.example.org
+      hostnames: false
+      include_localhost: false
+      mine_hostname_function: public_ssh_hostname
+      mine_keys_function: public_ssh_host_keys
+      omit_ip_address:
+      - github.com
+      salt_ssh:
+        public_ssh_host_keys:
+          minion.id: 'ssh-rsa [...]
+
+            ssh-ed25519 [...]
+  '
+        public_ssh_host_names:
+          minion.id:
+          - minion.id
+          - alias.of.minion.id
+        user: salt-master
+      static:
+        github.com: ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGm[...]
+        gitlab.com: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCsj2bN[...]
+      target: '*'
+      tgt_type: glob
+    moduli: '# Time Type Tests Tries Size Generator Modulus
+
+      20120821045639 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C604293680B09D63
+
+      20120821045830 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C6042936814C2FFB
+
+      20120821050046 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368214FC53
+
+      20120821050054 2 6 100 2047 5 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368218E83F
+  '
+    provide_dsa_keys: false
+    provide_ecdsa_keys: false
+    provide_ed25519_keys: false
+    provide_rsa_keys: false
+    root_group: root
+    rsa:
+      private_key: '-----BEGIN RSA PRIVATE KEY-----
+
+        NOT_DEFINED
+
+        -----END RSA PRIVATE KEY-----
+  '
+      public_key: 'ssh-rsa NOT_DEFINED
+  '
+    server: openssh-server
+    server_version: latest
+    service: sshd
+    ssh_config: /etc/ssh/ssh_config
+    ssh_config_backup: true
+    ssh_config_group: root
+    ssh_config_mode: '644'
+    ssh_config_src: ssh_config
+    ssh_config_user: root
+    ssh_known_hosts: /etc/ssh/ssh_known_hosts
+    ssh_known_hosts_src: ssh_known_hosts
+    ssh_moduli: /etc/ssh/moduli
+    sshd_binary: /usr/sbin/sshd
+    sshd_config: /etc/ssh/sshd_config
+    sshd_config_backup: true
+    sshd_config_group: root
+    sshd_config_mode: '644'
+    sshd_config_src: sshd_config
+    sshd_config_user: root
+    sshd_enable: true
+    tofs:
+      source_files:
+        manage ssh_known_hosts file:
+        - alt_ssh_known_hosts
+        ssh_config:
+        - alt_ssh_config
+        sshd_banner:
+        - fire_banner
+        sshd_config:
+        - alt_sshd_config
+  ssh_config:
+    Hosts:
+      '*':
+        GSSAPIAuthentication: 'yes'
+        HashKnownHosts: 'yes'
+        SendEnv: LANG LC_*
+  sshd_config:
+    AcceptEnv: LANG LC_*
+    ChallengeResponseAuthentication: 'no'
+    PrintMotd: 'no'
+    Subsystem: sftp /usr/lib/openssh/sftp-server
+    UsePAM: 'yes'
+    X11Forwarding: 'yes'
--- a/test/integration/default/files/_mapdata/fedora-34.yaml
+++ b/test/integration/default/files/_mapdata/fedora-34.yaml
@ -0,0 +1,185 @@
+# yamllint disable rule:indentation rule:line-length
+# Fedora-34
+---
+values:
+  map_jinja:
+    sources:
+    - Y:G@osarch
+    - Y:G@os_family
+    - Y:G@os
+    - Y:G@osfinger
+    - C:SUB@openssh:lookup
+    - C:SUB@openssh
+    - C:SUB@sshd_config:lookup
+    - C:SUB@sshd_config
+    - C:SUB@ssh_config:lookup
+    - C:SUB@ssh_config
+    - Y:G@id
+  openssh:
+    absent_dsa_keys: false
+    absent_ecdsa_keys: false
+    absent_ed25519_keys: false
+    absent_rsa_keys: false
+    auth:
+      joe-non-valid-ssh-key:
+      - comment: obsolete key - removed
+        enc: ssh-rsa
+        present: false
+        source: salt://ssh_keys/joe.no-valid.pub
+        user: joe
+      joe-valid-ssh-key-desktop:
+      - comment: main key - desktop
+        enc: ssh-rsa
+        present: true
+        source: salt://ssh_keys/joe.desktop.pub
+        user: joe
+      joe-valid-ssh-key-notebook:
+      - comment: main key - notebook
+        enc: ssh-rsa
+        present: true
+        source: salt://ssh_keys/joe.netbook.pub
+        user: joe
+    auth_map:
+      personal_keys:
+        source: salt://ssh_keys
+        users:
+          joe:
+            joe.desktop: {}
+            joe.netbook:
+              options: []
+            joe.no-valid:
+              present: false
+    banner: /etc/ssh/banner
+    banner_src: banner
+    banner_string: 'Welcome to example.net!
+  '
+    client: openssh-clients
+    client_version: latest
+    dig_pkg: bind-utils
+    dsa:
+      private_key: '-----BEGIN DSA PRIVATE KEY-----
+
+        NOT_DEFINED
+
+        -----END DSA PRIVATE KEY-----
+  '
+      public_key: 'ssh-dss NOT_DEFINED
+  '
+    ecdsa:
+      private_key: '-----BEGIN EC PRIVATE KEY-----
+
+        NOT_DEFINED
+
+        -----END EC PRIVATE KEY-----
+  '
+      public_key: 'ecdsa-sha2-nistp256 NOT_DEFINED
+  '
+    ed25519:
+      private_key: '-----BEGIN OPENSSH PRIVATE KEY-----
+
+        NOT_DEFINED
+
+        -----END OPENSSH PRIVATE KEY-----
+  '
+      public_key: 'ssh-ed25519 NOT_DEFINED
+  '
+    enforce_rsa_size: false
+    generate_dsa_keys: false
+    generate_ecdsa_keys: false
+    generate_ed25519_keys: false
+    generate_rsa_keys: false
+    generate_rsa_size: 4096
+    host_key_algos: ecdsa,ed25519,rsa
+    known_hosts:
+      aliases:
+      - cname-to-minion.example.org
+      - alias.example.org
+      hostnames: false
+      include_localhost: false
+      mine_hostname_function: public_ssh_hostname
+      mine_keys_function: public_ssh_host_keys
+      omit_ip_address:
+      - github.com
+      salt_ssh:
+        public_ssh_host_keys:
+          minion.id: 'ssh-rsa [...]
+
+            ssh-ed25519 [...]
+  '
+        public_ssh_host_names:
+          minion.id:
+          - minion.id
+          - alias.of.minion.id
+        user: salt-master
+      static:
+        github.com: ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGm[...]
+        gitlab.com: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCsj2bN[...]
+      target: '*'
+      tgt_type: glob
+    moduli: '# Time Type Tests Tries Size Generator Modulus
+
+      20120821045639 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C604293680B09D63
+
+      20120821045830 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C6042936814C2FFB
+
+      20120821050046 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368214FC53
+
+      20120821050054 2 6 100 2047 5 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368218E83F
+  '
+    provide_dsa_keys: false
+    provide_ecdsa_keys: false
+    provide_ed25519_keys: false
+    provide_rsa_keys: false
+    root_group: root
+    rsa:
+      private_key: '-----BEGIN RSA PRIVATE KEY-----
+
+        NOT_DEFINED
+
+        -----END RSA PRIVATE KEY-----
+  '
+      public_key: 'ssh-rsa NOT_DEFINED
+  '
+    server: openssh-server
+    server_version: latest
+    service: sshd
+    ssh_config: /etc/ssh/ssh_config
+    ssh_config_backup: true
+    ssh_config_group: root
+    ssh_config_mode: '644'
+    ssh_config_src: ssh_config
+    ssh_config_user: root
+    ssh_known_hosts: /etc/ssh/ssh_known_hosts
+    ssh_known_hosts_src: ssh_known_hosts
+    ssh_moduli: /etc/ssh/moduli
+    sshd_binary: /usr/sbin/sshd
+    sshd_config: /etc/ssh/sshd_config
+    sshd_config_backup: true
+    sshd_config_group: root
+    sshd_config_mode: '644'
+    sshd_config_src: sshd_config
+    sshd_config_user: root
+    sshd_enable: true
+    tofs:
+      source_files:
+        manage ssh_known_hosts file:
+        - alt_ssh_known_hosts
+        ssh_config:
+        - alt_ssh_config
+        sshd_banner:
+        - fire_banner
+        sshd_config:
+        - alt_sshd_config
+  ssh_config:
+    Hosts:
+      '*':
+        GSSAPIAuthentication: 'yes'
+        HashKnownHosts: 'yes'
+        SendEnv: LANG LC_*
+  sshd_config:
+    AcceptEnv: LANG LC_*
+    ChallengeResponseAuthentication: 'no'
+    PrintMotd: 'no'
+    Subsystem: sftp /usr/lib/openssh/sftp-server
+    UsePAM: 'yes'
+    X11Forwarding: 'yes'
--- a/test/integration/default/files/_mapdata/fedora-35.yaml
+++ b/test/integration/default/files/_mapdata/fedora-35.yaml
@ -0,0 +1,185 @@
+# yamllint disable rule:indentation rule:line-length
+# Fedora-35
+---
+values:
+  map_jinja:
+    sources:
+    - Y:G@osarch
+    - Y:G@os_family
+    - Y:G@os
+    - Y:G@osfinger
+    - C:SUB@openssh:lookup
+    - C:SUB@openssh
+    - C:SUB@sshd_config:lookup
+    - C:SUB@sshd_config
+    - C:SUB@ssh_config:lookup
+    - C:SUB@ssh_config
+    - Y:G@id
+  openssh:
+    absent_dsa_keys: false
+    absent_ecdsa_keys: false
+    absent_ed25519_keys: false
+    absent_rsa_keys: false
+    auth:
+      joe-non-valid-ssh-key:
+      - comment: obsolete key - removed
+        enc: ssh-rsa
+        present: false
+        source: salt://ssh_keys/joe.no-valid.pub
+        user: joe
+      joe-valid-ssh-key-desktop:
+      - comment: main key - desktop
+        enc: ssh-rsa
+        present: true
+        source: salt://ssh_keys/joe.desktop.pub
+        user: joe
+      joe-valid-ssh-key-notebook:
+      - comment: main key - notebook
+        enc: ssh-rsa
+        present: true
+        source: salt://ssh_keys/joe.netbook.pub
+        user: joe
+    auth_map:
+      personal_keys:
+        source: salt://ssh_keys
+        users:
+          joe:
+            joe.desktop: {}
+            joe.netbook:
+              options: []
+            joe.no-valid:
+              present: false
+    banner: /etc/ssh/banner
+    banner_src: banner
+    banner_string: 'Welcome to example.net!
+  '
+    client: openssh-clients
+    client_version: latest
+    dig_pkg: bind-utils
+    dsa:
+      private_key: '-----BEGIN DSA PRIVATE KEY-----
+
+        NOT_DEFINED
+
+        -----END DSA PRIVATE KEY-----
+  '
+      public_key: 'ssh-dss NOT_DEFINED
+  '
+    ecdsa:
+      private_key: '-----BEGIN EC PRIVATE KEY-----
+
+        NOT_DEFINED
+
+        -----END EC PRIVATE KEY-----
+  '
+      public_key: 'ecdsa-sha2-nistp256 NOT_DEFINED
+  '
+    ed25519:
+      private_key: '-----BEGIN OPENSSH PRIVATE KEY-----
+
+        NOT_DEFINED
+
+        -----END OPENSSH PRIVATE KEY-----
+  '
+      public_key: 'ssh-ed25519 NOT_DEFINED
+  '
+    enforce_rsa_size: false
+    generate_dsa_keys: false
+    generate_ecdsa_keys: false
+    generate_ed25519_keys: false
+    generate_rsa_keys: false
+    generate_rsa_size: 4096
+    host_key_algos: ecdsa,ed25519,rsa
+    known_hosts:
+      aliases:
+      - cname-to-minion.example.org
+      - alias.example.org
+      hostnames: false
+      include_localhost: false
+      mine_hostname_function: public_ssh_hostname
+      mine_keys_function: public_ssh_host_keys
+      omit_ip_address:
+      - github.com
+      salt_ssh:
+        public_ssh_host_keys:
+          minion.id: 'ssh-rsa [...]
+
+            ssh-ed25519 [...]
+  '
+        public_ssh_host_names:
+          minion.id:
+          - minion.id
+          - alias.of.minion.id
+        user: salt-master
+      static:
+        github.com: ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGm[...]
+        gitlab.com: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCsj2bN[...]
+      target: '*'
+      tgt_type: glob
+    moduli: '# Time Type Tests Tries Size Generator Modulus
+
+      20120821045639 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C604293680B09D63
+
+      20120821045830 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C6042936814C2FFB
+
+      20120821050046 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368214FC53
+
+      20120821050054 2 6 100 2047 5 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368218E83F
+  '
+    provide_dsa_keys: false
+    provide_ecdsa_keys: false
+    provide_ed25519_keys: false
+    provide_rsa_keys: false
+    root_group: root
+    rsa:
+      private_key: '-----BEGIN RSA PRIVATE KEY-----
+
+        NOT_DEFINED
+
+        -----END RSA PRIVATE KEY-----
+  '
+      public_key: 'ssh-rsa NOT_DEFINED
+  '
+    server: openssh-server
+    server_version: latest
+    service: sshd
+    ssh_config: /etc/ssh/ssh_config
+    ssh_config_backup: true
+    ssh_config_group: root
+    ssh_config_mode: '644'
+    ssh_config_src: ssh_config
+    ssh_config_user: root
+    ssh_known_hosts: /etc/ssh/ssh_known_hosts
+    ssh_known_hosts_src: ssh_known_hosts
+    ssh_moduli: /etc/ssh/moduli
+    sshd_binary: /usr/sbin/sshd
+    sshd_config: /etc/ssh/sshd_config
+    sshd_config_backup: true
+    sshd_config_group: root
+    sshd_config_mode: '644'
+    sshd_config_src: sshd_config
+    sshd_config_user: root
+    sshd_enable: true
+    tofs:
+      source_files:
+        manage ssh_known_hosts file:
+        - alt_ssh_known_hosts
+        ssh_config:
+        - alt_ssh_config
+        sshd_banner:
+        - fire_banner
+        sshd_config:
+        - alt_sshd_config
+  ssh_config:
+    Hosts:
+      '*':
+        GSSAPIAuthentication: 'yes'
+        HashKnownHosts: 'yes'
+        SendEnv: LANG LC_*
+  sshd_config:
+    AcceptEnv: LANG LC_*
+    ChallengeResponseAuthentication: 'no'
+    PrintMotd: 'no'
+    Subsystem: sftp /usr/lib/openssh/sftp-server
+    UsePAM: 'yes'
+    X11Forwarding: 'yes'
--- a/test/integration/default/files/_mapdata/fedora-36.yaml
+++ b/test/integration/default/files/_mapdata/fedora-36.yaml
@ -0,0 +1,186 @@
+# yamllint disable rule:indentation rule:line-length
+# Fedora-36
+---
+values:
+  map_jinja:
+    sources:
+    - Y:G@osarch
+    - Y:G@os_family
+    - Y:G@os
+    - Y:G@osfinger
+    - C:SUB@openssh:lookup
+    - C:SUB@openssh
+    - C:SUB@sshd_config:lookup
+    - C:SUB@sshd_config
+    - C:SUB@ssh_config:lookup
+    - C:SUB@ssh_config
+    - Y:G@id
+  openssh:
+    absent_dsa_keys: false
+    absent_ecdsa_keys: false
+    absent_ed25519_keys: false
+    absent_rsa_keys: false
+    auth:
+      joe-non-valid-ssh-key:
+      - comment: obsolete key - removed
+        enc: ssh-rsa
+        present: false
+        source: salt://ssh_keys/joe.no-valid.pub
+        user: joe
+      joe-valid-ssh-key-desktop:
+      - comment: main key - desktop
+        enc: ssh-rsa
+        present: true
+        source: salt://ssh_keys/joe.desktop.pub
+        user: joe
+      joe-valid-ssh-key-notebook:
+      - comment: main key - notebook
+        enc: ssh-rsa
+        present: true
+        source: salt://ssh_keys/joe.netbook.pub
+        user: joe
+    auth_map:
+      personal_keys:
+        source: salt://ssh_keys
+        users:
+          joe:
+            joe.desktop: {}
+            joe.netbook:
+              options: []
+            joe.no-valid:
+              present: false
+    banner: /etc/ssh/banner
+    banner_src: banner
+    banner_string: 'Welcome to example.net!
+  '
+    client: openssh-clients
+    client_version: latest
+    dig_pkg: bind-utils
+    dsa:
+      private_key: '-----BEGIN DSA PRIVATE KEY-----
+
+        NOT_DEFINED
+
+        -----END DSA PRIVATE KEY-----
+  '
+      public_key: 'ssh-dss NOT_DEFINED
+  '
+    ecdsa:
+      private_key: '-----BEGIN EC PRIVATE KEY-----
+
+        NOT_DEFINED
+
+        -----END EC PRIVATE KEY-----
+  '
+      public_key: 'ecdsa-sha2-nistp256 NOT_DEFINED
+  '
+    ed25519:
+      private_key: '-----BEGIN OPENSSH PRIVATE KEY-----
+
+        NOT_DEFINED
+
+        -----END OPENSSH PRIVATE KEY-----
+  '
+      public_key: 'ssh-ed25519 NOT_DEFINED
+  '
+    enforce_rsa_size: false
+    generate_dsa_keys: false
+    generate_ecdsa_keys: false
+    generate_ed25519_keys: false
+    generate_rsa_keys: false
+    generate_rsa_size: 4096
+    host_key_algos: ecdsa,ed25519,rsa
+    known_hosts:
+      aliases:
+      - cname-to-minion.example.org
+      - alias.example.org
+      hostnames: false
+      include_localhost: false
+      mine_hostname_function: public_ssh_hostname
+      mine_keys_function: public_ssh_host_keys
+      omit_ip_address:
+      - github.com
+      salt_ssh:
+        public_ssh_host_keys:
+          minion.id: 'ssh-rsa [...]
+
+            ssh-ed25519 [...]
+  '
+        public_ssh_host_names:
+          minion.id:
+          - minion.id
+          - alias.of.minion.id
+        user: salt-master
+      static:
+        github.com: ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGm[...]
+        gitlab.com: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCsj2bN[...]
+      target: '*'
+      tgt_type: glob
+    moduli: '# Time Type Tests Tries Size Generator Modulus
+
+      20120821045639 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C604293680B09D63
+
+      20120821045830 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C6042936814C2FFB
+
+      20120821050046 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368214FC53
+
+      20120821050054 2 6 100 2047 5 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368218E83F
+  '
+    provide_dsa_keys: false
+    provide_ecdsa_keys: false
+    provide_ed25519_keys: false
+    provide_rsa_keys: false
+    root_group: root
+    rsa:
+      private_key: '-----BEGIN RSA PRIVATE KEY-----
+
+        NOT_DEFINED
+
+        -----END RSA PRIVATE KEY-----
+  '
+      public_key: 'ssh-rsa NOT_DEFINED
+  '
+    server: openssh-server
+    server_version: latest
+    service: sshd
+    ssh_config: /etc/ssh/ssh_config
+    ssh_config_backup: true
+    ssh_config_group: root
+    ssh_config_mode: '644'
+    ssh_config_src: ssh_config
+    ssh_config_user: root
+    ssh_known_hosts: /etc/ssh/ssh_known_hosts
+    ssh_known_hosts_src: ssh_known_hosts
+    ssh_moduli: /etc/ssh/moduli
+    sshd_binary: /usr/sbin/sshd
+    sshd_config: /etc/ssh/sshd_config
+    sshd_config_backup: true
+    sshd_config_group: root
+    sshd_config_mode: '644'
+    sshd_config_src: sshd_config
+    sshd_config_user: root
+    sshd_enable: true
+    tofs:
+      source_files:
+        manage ssh_known_hosts file:
+        - alt_ssh_known_hosts
+        ssh_config:
+        - alt_ssh_config
+        sshd_banner:
+        - fire_banner
+        sshd_config:
+        - alt_sshd_config
+  ssh_config:
+    Hosts:
+      '*':
+        GSSAPIAuthentication: 'yes'
+        HashKnownHosts: 'yes'
+        SendEnv: LANG LC_*
+  sshd_config:
+    AcceptEnv: LANG LC_*
+    ChallengeResponseAuthentication: 'no'
+    PrintMotd: 'no'
+    PubkeyAcceptedAlgorithms: "+ssh-rsa"
+    Subsystem: sftp /usr/lib/openssh/sftp-server
+    UsePAM: 'yes'
+    X11Forwarding: 'yes'
--- a/test/integration/default/files/_mapdata/freebsd-11.yaml
+++ b/test/integration/default/files/_mapdata/freebsd-11.yaml
@ -0,0 +1,183 @@
+# yamllint disable rule:indentation rule:line-length
+# FreeBSD-12
+---
+values:
+  map_jinja:
+    sources:
+    - Y:G@osarch
+    - Y:G@os_family
+    - Y:G@os
+    - Y:G@osfinger
+    - C:SUB@openssh:lookup
+    - C:SUB@openssh
+    - C:SUB@sshd_config:lookup
+    - C:SUB@sshd_config
+    - C:SUB@ssh_config:lookup
+    - C:SUB@ssh_config
+    - Y:G@id
+  openssh:
+    absent_dsa_keys: false
+    absent_ecdsa_keys: false
+    absent_ed25519_keys: false
+    absent_rsa_keys: false
+    auth:
+      joe-non-valid-ssh-key:
+      - comment: obsolete key - removed
+        enc: ssh-rsa
+        present: false
+        source: salt://ssh_keys/joe.no-valid.pub
+        user: joe
+      joe-valid-ssh-key-desktop:
+      - comment: main key - desktop
+        enc: ssh-rsa
+        present: true
+        source: salt://ssh_keys/joe.desktop.pub
+        user: joe
+      joe-valid-ssh-key-notebook:
+      - comment: main key - notebook
+        enc: ssh-rsa
+        present: true
+        source: salt://ssh_keys/joe.netbook.pub
+        user: joe
+    auth_map:
+      personal_keys:
+        source: salt://ssh_keys
+        users:
+          joe:
+            joe.desktop: {}
+            joe.netbook:
+              options: []
+            joe.no-valid:
+              present: false
+    banner: /etc/ssh/banner
+    banner_src: banner
+    banner_string: 'Welcome to example.net!
+  '
+    client_version: latest
+    dig_pkg: bind-tools
+    dsa:
+      private_key: '-----BEGIN DSA PRIVATE KEY-----
+
+        NOT_DEFINED
+
+        -----END DSA PRIVATE KEY-----
+  '
+      public_key: 'ssh-dss NOT_DEFINED
+  '
+    ecdsa:
+      private_key: '-----BEGIN EC PRIVATE KEY-----
+
+        NOT_DEFINED
+
+        -----END EC PRIVATE KEY-----
+  '
+      public_key: 'ecdsa-sha2-nistp256 NOT_DEFINED
+  '
+    ed25519:
+      private_key: '-----BEGIN OPENSSH PRIVATE KEY-----
+
+        NOT_DEFINED
+
+        -----END OPENSSH PRIVATE KEY-----
+  '
+      public_key: 'ssh-ed25519 NOT_DEFINED
+  '
+    enforce_rsa_size: false
+    generate_dsa_keys: false
+    generate_ecdsa_keys: false
+    generate_ed25519_keys: false
+    generate_rsa_keys: false
+    generate_rsa_size: 4096
+    host_key_algos: ecdsa,ed25519,rsa
+    known_hosts:
+      aliases:
+      - cname-to-minion.example.org
+      - alias.example.org
+      hostnames: false
+      include_localhost: false
+      mine_hostname_function: public_ssh_hostname
+      mine_keys_function: public_ssh_host_keys
+      omit_ip_address:
+      - github.com
+      salt_ssh:
+        public_ssh_host_keys:
+          minion.id: 'ssh-rsa [...]
+
+            ssh-ed25519 [...]
+  '
+        public_ssh_host_names:
+          minion.id:
+          - minion.id
+          - alias.of.minion.id
+        user: salt-master
+      static:
+        github.com: ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGm[...]
+        gitlab.com: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCsj2bN[...]
+      target: '*'
+      tgt_type: glob
+    moduli: '# Time Type Tests Tries Size Generator Modulus
+
+      20120821045639 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C604293680B09D63
+
+      20120821045830 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C6042936814C2FFB
+
+      20120821050046 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368214FC53
+
+      20120821050054 2 6 100 2047 5 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368218E83F
+  '
+    provide_dsa_keys: false
+    provide_ecdsa_keys: false
+    provide_ed25519_keys: false
+    provide_rsa_keys: false
+    root_group: root
+    rsa:
+      private_key: '-----BEGIN RSA PRIVATE KEY-----
+
+        NOT_DEFINED
+
+        -----END RSA PRIVATE KEY-----
+  '
+      public_key: 'ssh-rsa NOT_DEFINED
+  '
+    server_version: latest
+    service: sshd
+    ssh_config: /etc/ssh/ssh_config
+    ssh_config_backup: true
+    ssh_config_group: wheel
+    ssh_config_mode: '644'
+    ssh_config_src: ssh_config
+    ssh_config_user: root
+    ssh_known_hosts: /etc/ssh/ssh_known_hosts
+    ssh_known_hosts_src: ssh_known_hosts
+    ssh_moduli: /etc/ssh/moduli
+    sshd_binary: /usr/sbin/sshd
+    sshd_config: /etc/ssh/sshd_config
+    sshd_config_backup: true
+    sshd_config_group: wheel
+    sshd_config_mode: '644'
+    sshd_config_src: sshd_config
+    sshd_config_user: root
+    sshd_enable: true
+    tofs:
+      source_files:
+        manage ssh_known_hosts file:
+        - alt_ssh_known_hosts
+        ssh_config:
+        - alt_ssh_config
+        sshd_banner:
+        - fire_banner
+        sshd_config:
+        - alt_sshd_config
+  ssh_config:
+    Hosts:
+      '*':
+        GSSAPIAuthentication: 'yes'
+        HashKnownHosts: 'yes'
+        SendEnv: LANG LC_*
+  sshd_config:
+    AcceptEnv: LANG LC_*
+    ChallengeResponseAuthentication: 'no'
+    PrintMotd: 'no'
+    Subsystem: sftp /usr/lib/openssh/sftp-server
+    UsePAM: 'yes'
+    X11Forwarding: 'yes'
--- a/test/integration/default/files/_mapdata/freebsd-12.yaml
+++ b/test/integration/default/files/_mapdata/freebsd-12.yaml
@ -0,0 +1,183 @@
+# yamllint disable rule:indentation rule:line-length
+# FreeBSD-12
+---
+values:
+  map_jinja:
+    sources:
+    - Y:G@osarch
+    - Y:G@os_family
+    - Y:G@os
+    - Y:G@osfinger
+    - C:SUB@openssh:lookup
+    - C:SUB@openssh
+    - C:SUB@sshd_config:lookup
+    - C:SUB@sshd_config
+    - C:SUB@ssh_config:lookup
+    - C:SUB@ssh_config
+    - Y:G@id
+  openssh:
+    absent_dsa_keys: false
+    absent_ecdsa_keys: false
+    absent_ed25519_keys: false
+    absent_rsa_keys: false
+    auth:
+      joe-non-valid-ssh-key:
+      - comment: obsolete key - removed
+        enc: ssh-rsa
+        present: false
+        source: salt://ssh_keys/joe.no-valid.pub
+        user: joe
+      joe-valid-ssh-key-desktop:
+      - comment: main key - desktop
+        enc: ssh-rsa
+        present: true
+        source: salt://ssh_keys/joe.desktop.pub
+        user: joe
+      joe-valid-ssh-key-notebook:
+      - comment: main key - notebook
+        enc: ssh-rsa
+        present: true
+        source: salt://ssh_keys/joe.netbook.pub
+        user: joe
+    auth_map:
+      personal_keys:
+        source: salt://ssh_keys
+        users:
+          joe:
+            joe.desktop: {}
+            joe.netbook:
+              options: []
+            joe.no-valid:
+              present: false
+    banner: /etc/ssh/banner
+    banner_src: banner
+    banner_string: 'Welcome to example.net!
+  '
+    client_version: latest
+    dig_pkg: bind-tools
+    dsa:
+      private_key: '-----BEGIN DSA PRIVATE KEY-----
+
+        NOT_DEFINED
+
+        -----END DSA PRIVATE KEY-----
+  '
+      public_key: 'ssh-dss NOT_DEFINED
+  '
+    ecdsa:
+      private_key: '-----BEGIN EC PRIVATE KEY-----
+
+        NOT_DEFINED
+
+        -----END EC PRIVATE KEY-----
+  '
+      public_key: 'ecdsa-sha2-nistp256 NOT_DEFINED
+  '
+    ed25519:
+      private_key: '-----BEGIN OPENSSH PRIVATE KEY-----
+
+        NOT_DEFINED
+
+        -----END OPENSSH PRIVATE KEY-----
+  '
+      public_key: 'ssh-ed25519 NOT_DEFINED
+  '
+    enforce_rsa_size: false
+    generate_dsa_keys: false
+    generate_ecdsa_keys: false
+    generate_ed25519_keys: false
+    generate_rsa_keys: false
+    generate_rsa_size: 4096
+    host_key_algos: ecdsa,ed25519,rsa
+    known_hosts:
+      aliases:
+      - cname-to-minion.example.org
+      - alias.example.org
+      hostnames: false
+      include_localhost: false
+      mine_hostname_function: public_ssh_hostname
+      mine_keys_function: public_ssh_host_keys
+      omit_ip_address:
+      - github.com
+      salt_ssh:
+        public_ssh_host_keys:
+          minion.id: 'ssh-rsa [...]
+
+            ssh-ed25519 [...]
+  '
+        public_ssh_host_names:
+          minion.id:
+          - minion.id
+          - alias.of.minion.id
+        user: salt-master
+      static:
+        github.com: ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGm[...]
+        gitlab.com: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCsj2bN[...]
+      target: '*'
+      tgt_type: glob
+    moduli: '# Time Type Tests Tries Size Generator Modulus
+
+      20120821045639 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C604293680B09D63
+
+      20120821045830 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C6042936814C2FFB
+
+      20120821050046 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368214FC53
+
+      20120821050054 2 6 100 2047 5 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368218E83F
+  '
+    provide_dsa_keys: false
+    provide_ecdsa_keys: false
+    provide_ed25519_keys: false
+    provide_rsa_keys: false
+    root_group: root
+    rsa:
+      private_key: '-----BEGIN RSA PRIVATE KEY-----
+
+        NOT_DEFINED
+
+        -----END RSA PRIVATE KEY-----
+  '
+      public_key: 'ssh-rsa NOT_DEFINED
+  '
+    server_version: latest
+    service: sshd
+    ssh_config: /etc/ssh/ssh_config
+    ssh_config_backup: true
+    ssh_config_group: wheel
+    ssh_config_mode: '644'
+    ssh_config_src: ssh_config
+    ssh_config_user: root
+    ssh_known_hosts: /etc/ssh/ssh_known_hosts
+    ssh_known_hosts_src: ssh_known_hosts
+    ssh_moduli: /etc/ssh/moduli
+    sshd_binary: /usr/sbin/sshd
+    sshd_config: /etc/ssh/sshd_config
+    sshd_config_backup: true
+    sshd_config_group: wheel
+    sshd_config_mode: '644'
+    sshd_config_src: sshd_config
+    sshd_config_user: root
+    sshd_enable: true
+    tofs:
+      source_files:
+        manage ssh_known_hosts file:
+        - alt_ssh_known_hosts
+        ssh_config:
+        - alt_ssh_config
+        sshd_banner:
+        - fire_banner
+        sshd_config:
+        - alt_sshd_config
+  ssh_config:
+    Hosts:
+      '*':
+        GSSAPIAuthentication: 'yes'
+        HashKnownHosts: 'yes'
+        SendEnv: LANG LC_*
+  sshd_config:
+    AcceptEnv: LANG LC_*
+    ChallengeResponseAuthentication: 'no'
+    PrintMotd: 'no'
+    Subsystem: sftp /usr/lib/openssh/sftp-server
+    UsePAM: 'yes'
+    X11Forwarding: 'yes'
--- a/test/integration/default/files/_mapdata/freebsd-13.yaml
+++ b/test/integration/default/files/_mapdata/freebsd-13.yaml
@ -0,0 +1,183 @@
+# yamllint disable rule:indentation rule:line-length
+# FreeBSD-13
+---
+values:
+  map_jinja:
+    sources:
+    - Y:G@osarch
+    - Y:G@os_family
+    - Y:G@os
+    - Y:G@osfinger
+    - C:SUB@openssh:lookup
+    - C:SUB@openssh
+    - C:SUB@sshd_config:lookup
+    - C:SUB@sshd_config
+    - C:SUB@ssh_config:lookup
+    - C:SUB@ssh_config
+    - Y:G@id
+  openssh:
+    absent_dsa_keys: false
+    absent_ecdsa_keys: false
+    absent_ed25519_keys: false
+    absent_rsa_keys: false
+    auth:
+      joe-non-valid-ssh-key:
+      - comment: obsolete key - removed
+        enc: ssh-rsa
+        present: false
+        source: salt://ssh_keys/joe.no-valid.pub
+        user: joe
+      joe-valid-ssh-key-desktop:
+      - comment: main key - desktop
+        enc: ssh-rsa
+        present: true
+        source: salt://ssh_keys/joe.desktop.pub
+        user: joe
+      joe-valid-ssh-key-notebook:
+      - comment: main key - notebook
+        enc: ssh-rsa
+        present: true
+        source: salt://ssh_keys/joe.netbook.pub
+        user: joe
+    auth_map:
+      personal_keys:
+        source: salt://ssh_keys
+        users:
+          joe:
+            joe.desktop: {}
+            joe.netbook:
+              options: []
+            joe.no-valid:
+              present: false
+    banner: /etc/ssh/banner
+    banner_src: banner
+    banner_string: 'Welcome to example.net!
+  '
+    client_version: latest
+    dig_pkg: bind-tools
+    dsa:
+      private_key: '-----BEGIN DSA PRIVATE KEY-----
+
+        NOT_DEFINED
+
+        -----END DSA PRIVATE KEY-----
+  '
+      public_key: 'ssh-dss NOT_DEFINED
+  '
+    ecdsa:
+      private_key: '-----BEGIN EC PRIVATE KEY-----
+
+        NOT_DEFINED
+
+        -----END EC PRIVATE KEY-----
+  '
+      public_key: 'ecdsa-sha2-nistp256 NOT_DEFINED
+  '
+    ed25519:
+      private_key: '-----BEGIN OPENSSH PRIVATE KEY-----
+
+        NOT_DEFINED
+
+        -----END OPENSSH PRIVATE KEY-----
+  '
+      public_key: 'ssh-ed25519 NOT_DEFINED
+  '
+    enforce_rsa_size: false
+    generate_dsa_keys: false
+    generate_ecdsa_keys: false
+    generate_ed25519_keys: false
+    generate_rsa_keys: false
+    generate_rsa_size: 4096
+    host_key_algos: ecdsa,ed25519,rsa
+    known_hosts:
+      aliases:
+      - cname-to-minion.example.org
+      - alias.example.org
+      hostnames: false
+      include_localhost: false
+      mine_hostname_function: public_ssh_hostname
+      mine_keys_function: public_ssh_host_keys
+      omit_ip_address:
+      - github.com
+      salt_ssh:
+        public_ssh_host_keys:
+          minion.id: 'ssh-rsa [...]
+
+            ssh-ed25519 [...]
+  '
+        public_ssh_host_names:
+          minion.id:
+          - minion.id
+          - alias.of.minion.id
+        user: salt-master
+      static:
+        github.com: ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGm[...]
+        gitlab.com: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCsj2bN[...]
+      target: '*'
+      tgt_type: glob
+    moduli: '# Time Type Tests Tries Size Generator Modulus
+
+      20120821045639 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C604293680B09D63
+
+      20120821045830 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C6042936814C2FFB
+
+      20120821050046 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368214FC53
+
+      20120821050054 2 6 100 2047 5 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368218E83F
+  '
+    provide_dsa_keys: false
+    provide_ecdsa_keys: false
+    provide_ed25519_keys: false
+    provide_rsa_keys: false
+    root_group: root
+    rsa:
+      private_key: '-----BEGIN RSA PRIVATE KEY-----
+
+        NOT_DEFINED
+
+        -----END RSA PRIVATE KEY-----
+  '
+      public_key: 'ssh-rsa NOT_DEFINED
+  '
+    server_version: latest
+    service: sshd
+    ssh_config: /etc/ssh/ssh_config
+    ssh_config_backup: true
+    ssh_config_group: wheel
+    ssh_config_mode: '644'
+    ssh_config_src: ssh_config
+    ssh_config_user: root
+    ssh_known_hosts: /etc/ssh/ssh_known_hosts
+    ssh_known_hosts_src: ssh_known_hosts
+    ssh_moduli: /etc/ssh/moduli
+    sshd_binary: /usr/sbin/sshd
+    sshd_config: /etc/ssh/sshd_config
+    sshd_config_backup: true
+    sshd_config_group: wheel
+    sshd_config_mode: '644'
+    sshd_config_src: sshd_config
+    sshd_config_user: root
+    sshd_enable: true
+    tofs:
+      source_files:
+        manage ssh_known_hosts file:
+        - alt_ssh_known_hosts
+        ssh_config:
+        - alt_ssh_config
+        sshd_banner:
+        - fire_banner
+        sshd_config:
+        - alt_sshd_config
+  ssh_config:
+    Hosts:
+      '*':
+        GSSAPIAuthentication: 'yes'
+        HashKnownHosts: 'yes'
+        SendEnv: LANG LC_*
+  sshd_config:
+    AcceptEnv: LANG LC_*
+    ChallengeResponseAuthentication: 'no'
+    PrintMotd: 'no'
+    Subsystem: sftp /usr/lib/openssh/sftp-server
+    UsePAM: 'yes'
+    X11Forwarding: 'yes'
--- a/test/integration/default/files/_mapdata/gentoo-2-sysd.yaml
+++ b/test/integration/default/files/_mapdata/gentoo-2-sysd.yaml
@ -0,0 +1,186 @@
+# yamllint disable rule:indentation rule:line-length
+# Gentoo-2
+---
+values:
+  map_jinja:
+    sources:
+    - Y:G@osarch
+    - Y:G@os_family
+    - Y:G@os
+    - Y:G@osfinger
+    - C:SUB@openssh:lookup
+    - C:SUB@openssh
+    - C:SUB@sshd_config:lookup
+    - C:SUB@sshd_config
+    - C:SUB@ssh_config:lookup
+    - C:SUB@ssh_config
+    - Y:G@id
+  openssh:
+    absent_dsa_keys: false
+    absent_ecdsa_keys: false
+    absent_ed25519_keys: false
+    absent_rsa_keys: false
+    auth:
+      joe-non-valid-ssh-key:
+      - comment: obsolete key - removed
+        enc: ssh-rsa
+        present: false
+        source: salt://ssh_keys/joe.no-valid.pub
+        user: joe
+      joe-valid-ssh-key-desktop:
+      - comment: main key - desktop
+        enc: ssh-rsa
+        present: true
+        source: salt://ssh_keys/joe.desktop.pub
+        user: joe
+      joe-valid-ssh-key-notebook:
+      - comment: main key - notebook
+        enc: ssh-rsa
+        present: true
+        source: salt://ssh_keys/joe.netbook.pub
+        user: joe
+    auth_map:
+      personal_keys:
+        source: salt://ssh_keys
+        users:
+          joe:
+            joe.desktop: {}
+            joe.netbook:
+              options: []
+            joe.no-valid:
+              present: false
+    banner: /etc/ssh/banner
+    banner_src: banner
+    banner_string: 'Welcome to example.net!
+  '
+    client: net-misc/openssh
+    client_version: latest
+    dig_pkg: net-dns/bind-tools
+    dsa:
+      private_key: '-----BEGIN DSA PRIVATE KEY-----
+
+        NOT_DEFINED
+
+        -----END DSA PRIVATE KEY-----
+  '
+      public_key: 'ssh-dss NOT_DEFINED
+  '
+    ecdsa:
+      private_key: '-----BEGIN EC PRIVATE KEY-----
+
+        NOT_DEFINED
+
+        -----END EC PRIVATE KEY-----
+  '
+      public_key: 'ecdsa-sha2-nistp256 NOT_DEFINED
+  '
+    ed25519:
+      private_key: '-----BEGIN OPENSSH PRIVATE KEY-----
+
+        NOT_DEFINED
+
+        -----END OPENSSH PRIVATE KEY-----
+  '
+      public_key: 'ssh-ed25519 NOT_DEFINED
+  '
+    enforce_rsa_size: false
+    generate_dsa_keys: false
+    generate_ecdsa_keys: false
+    generate_ed25519_keys: false
+    generate_rsa_keys: false
+    generate_rsa_size: 4096
+    host_key_algos: ecdsa,ed25519,rsa
+    known_hosts:
+      aliases:
+      - cname-to-minion.example.org
+      - alias.example.org
+      hostnames: false
+      include_localhost: false
+      mine_hostname_function: public_ssh_hostname
+      mine_keys_function: public_ssh_host_keys
+      omit_ip_address:
+      - github.com
+      salt_ssh:
+        public_ssh_host_keys:
+          minion.id: 'ssh-rsa [...]
+
+            ssh-ed25519 [...]
+  '
+        public_ssh_host_names:
+          minion.id:
+          - minion.id
+          - alias.of.minion.id
+        user: salt-master
+      static:
+        github.com: ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGm[...]
+        gitlab.com: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCsj2bN[...]
+      target: '*'
+      tgt_type: glob
+    moduli: '# Time Type Tests Tries Size Generator Modulus
+
+      20120821045639 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C604293680B09D63
+
+      20120821045830 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C6042936814C2FFB
+
+      20120821050046 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368214FC53
+
+      20120821050054 2 6 100 2047 5 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368218E83F
+  '
+    provide_dsa_keys: false
+    provide_ecdsa_keys: false
+    provide_ed25519_keys: false
+    provide_rsa_keys: false
+    root_group: root
+    rsa:
+      private_key: '-----BEGIN RSA PRIVATE KEY-----
+
+        NOT_DEFINED
+
+        -----END RSA PRIVATE KEY-----
+  '
+      public_key: 'ssh-rsa NOT_DEFINED
+  '
+    server: net-misc/openssh
+    server_version: latest
+    service: sshd
+    ssh_config: /etc/ssh/ssh_config
+    ssh_config_backup: true
+    ssh_config_group: root
+    ssh_config_mode: '644'
+    ssh_config_src: ssh_config
+    ssh_config_user: root
+    ssh_known_hosts: /etc/ssh/ssh_known_hosts
+    ssh_known_hosts_src: ssh_known_hosts
+    ssh_moduli: /etc/ssh/moduli
+    sshd_binary: /usr/sbin/sshd
+    sshd_config: /etc/ssh/sshd_config
+    sshd_config_backup: true
+    sshd_config_group: root
+    sshd_config_mode: '644'
+    sshd_config_src: sshd_config
+    sshd_config_user: root
+    sshd_enable: true
+    tofs:
+      source_files:
+        manage ssh_known_hosts file:
+        - alt_ssh_known_hosts
+        ssh_config:
+        - alt_ssh_config
+        sshd_banner:
+        - fire_banner
+        sshd_config:
+        - alt_sshd_config
+  ssh_config:
+    Hosts:
+      '*':
+        GSSAPIAuthentication: 'yes'
+        HashKnownHosts: 'yes'
+        SendEnv: LANG LC_*
+  sshd_config:
+    AcceptEnv: LANG LC_*
+    ChallengeResponseAuthentication: 'no'
+    PrintMotd: 'no'
+    PubkeyAcceptedAlgorithms: "+ssh-rsa"
+    Subsystem: sftp /usr/lib/openssh/sftp-server
+    UsePAM: 'yes'
+    X11Forwarding: 'yes'
--- a/test/integration/default/files/_mapdata/gentoo-2-sysv.yaml
+++ b/test/integration/default/files/_mapdata/gentoo-2-sysv.yaml
@ -0,0 +1,186 @@
+# yamllint disable rule:indentation rule:line-length
+# Gentoo-2
+---
+values:
+  map_jinja:
+    sources:
+    - Y:G@osarch
+    - Y:G@os_family
+    - Y:G@os
+    - Y:G@osfinger
+    - C:SUB@openssh:lookup
+    - C:SUB@openssh
+    - C:SUB@sshd_config:lookup
+    - C:SUB@sshd_config
+    - C:SUB@ssh_config:lookup
+    - C:SUB@ssh_config
+    - Y:G@id
+  openssh:
+    absent_dsa_keys: false
+    absent_ecdsa_keys: false
+    absent_ed25519_keys: false
+    absent_rsa_keys: false
+    auth:
+      joe-non-valid-ssh-key:
+      - comment: obsolete key - removed
+        enc: ssh-rsa
+        present: false
+        source: salt://ssh_keys/joe.no-valid.pub
+        user: joe
+      joe-valid-ssh-key-desktop:
+      - comment: main key - desktop
+        enc: ssh-rsa
+        present: true
+        source: salt://ssh_keys/joe.desktop.pub
+        user: joe
+      joe-valid-ssh-key-notebook:
+      - comment: main key - notebook
+        enc: ssh-rsa
+        present: true
+        source: salt://ssh_keys/joe.netbook.pub
+        user: joe
+    auth_map:
+      personal_keys:
+        source: salt://ssh_keys
+        users:
+          joe:
+            joe.desktop: {}
+            joe.netbook:
+              options: []
+            joe.no-valid:
+              present: false
+    banner: /etc/ssh/banner
+    banner_src: banner
+    banner_string: 'Welcome to example.net!
+  '
+    client: net-misc/openssh
+    client_version: latest
+    dig_pkg: net-dns/bind-tools
+    dsa:
+      private_key: '-----BEGIN DSA PRIVATE KEY-----
+
+        NOT_DEFINED
+
+        -----END DSA PRIVATE KEY-----
+  '
+      public_key: 'ssh-dss NOT_DEFINED
+  '
+    ecdsa:
+      private_key: '-----BEGIN EC PRIVATE KEY-----
+
+        NOT_DEFINED
+
+        -----END EC PRIVATE KEY-----
+  '
+      public_key: 'ecdsa-sha2-nistp256 NOT_DEFINED
+  '
+    ed25519:
+      private_key: '-----BEGIN OPENSSH PRIVATE KEY-----
+
+        NOT_DEFINED
+
+        -----END OPENSSH PRIVATE KEY-----
+  '
+      public_key: 'ssh-ed25519 NOT_DEFINED
+  '
+    enforce_rsa_size: false
+    generate_dsa_keys: false
+    generate_ecdsa_keys: false
+    generate_ed25519_keys: false
+    generate_rsa_keys: false
+    generate_rsa_size: 4096
+    host_key_algos: ecdsa,ed25519,rsa
+    known_hosts:
+      aliases:
+      - cname-to-minion.example.org
+      - alias.example.org
+      hostnames: false
+      include_localhost: false
+      mine_hostname_function: public_ssh_hostname
+      mine_keys_function: public_ssh_host_keys
+      omit_ip_address:
+      - github.com
+      salt_ssh:
+        public_ssh_host_keys:
+          minion.id: 'ssh-rsa [...]
+
+            ssh-ed25519 [...]
+  '
+        public_ssh_host_names:
+          minion.id:
+          - minion.id
+          - alias.of.minion.id
+        user: salt-master
+      static:
+        github.com: ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGm[...]
+        gitlab.com: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCsj2bN[...]
+      target: '*'
+      tgt_type: glob
+    moduli: '# Time Type Tests Tries Size Generator Modulus
+
+      20120821045639 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C604293680B09D63
+
+      20120821045830 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C6042936814C2FFB
+
+      20120821050046 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368214FC53
+
+      20120821050054 2 6 100 2047 5 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368218E83F
+  '
+    provide_dsa_keys: false
+    provide_ecdsa_keys: false
+    provide_ed25519_keys: false
+    provide_rsa_keys: false
+    root_group: root
+    rsa:
+      private_key: '-----BEGIN RSA PRIVATE KEY-----
+
+        NOT_DEFINED
+
+        -----END RSA PRIVATE KEY-----
+  '
+      public_key: 'ssh-rsa NOT_DEFINED
+  '
+    server: net-misc/openssh
+    server_version: latest
+    service: sshd
+    ssh_config: /etc/ssh/ssh_config
+    ssh_config_backup: true
+    ssh_config_group: root
+    ssh_config_mode: '644'
+    ssh_config_src: ssh_config
+    ssh_config_user: root
+    ssh_known_hosts: /etc/ssh/ssh_known_hosts
+    ssh_known_hosts_src: ssh_known_hosts
+    ssh_moduli: /etc/ssh/moduli
+    sshd_binary: /usr/sbin/sshd
+    sshd_config: /etc/ssh/sshd_config
+    sshd_config_backup: true
+    sshd_config_group: root
+    sshd_config_mode: '644'
+    sshd_config_src: sshd_config
+    sshd_config_user: root
+    sshd_enable: true
+    tofs:
+      source_files:
+        manage ssh_known_hosts file:
+        - alt_ssh_known_hosts
+        ssh_config:
+        - alt_ssh_config
+        sshd_banner:
+        - fire_banner
+        sshd_config:
+        - alt_sshd_config
+  ssh_config:
+    Hosts:
+      '*':
+        GSSAPIAuthentication: 'yes'
+        HashKnownHosts: 'yes'
+        SendEnv: LANG LC_*
+  sshd_config:
+    AcceptEnv: LANG LC_*
+    ChallengeResponseAuthentication: 'no'
+    PrintMotd: 'no'
+    PubkeyAcceptedAlgorithms: "+ssh-rsa"
+    Subsystem: sftp /usr/lib/openssh/sftp-server
+    UsePAM: 'yes'
+    X11Forwarding: 'yes'
--- a/test/integration/default/files/_mapdata/openbsd-6.yaml
+++ b/test/integration/default/files/_mapdata/openbsd-6.yaml
@ -0,0 +1,183 @@
+# yamllint disable rule:indentation rule:line-length
+# OpenBSD-6
+---
+values:
+  map_jinja:
+    sources:
+    - Y:G@osarch
+    - Y:G@os_family
+    - Y:G@os
+    - Y:G@osfinger
+    - C:SUB@openssh:lookup
+    - C:SUB@openssh
+    - C:SUB@sshd_config:lookup
+    - C:SUB@sshd_config
+    - C:SUB@ssh_config:lookup
+    - C:SUB@ssh_config
+    - Y:G@id
+  openssh:
+    absent_dsa_keys: false
+    absent_ecdsa_keys: false
+    absent_ed25519_keys: false
+    absent_rsa_keys: false
+    auth:
+      joe-non-valid-ssh-key:
+      - comment: obsolete key - removed
+        enc: ssh-rsa
+        present: false
+        source: salt://ssh_keys/joe.no-valid.pub
+        user: joe
+      joe-valid-ssh-key-desktop:
+      - comment: main key - desktop
+        enc: ssh-rsa
+        present: true
+        source: salt://ssh_keys/joe.desktop.pub
+        user: joe
+      joe-valid-ssh-key-notebook:
+      - comment: main key - notebook
+        enc: ssh-rsa
+        present: true
+        source: salt://ssh_keys/joe.netbook.pub
+        user: joe
+    auth_map:
+      personal_keys:
+        source: salt://ssh_keys
+        users:
+          joe:
+            joe.desktop: {}
+            joe.netbook:
+              options: []
+            joe.no-valid:
+              present: false
+    banner: /etc/ssh/banner
+    banner_src: banner
+    banner_string: 'Welcome to example.net!
+  '
+    client_version: latest
+    dig_pkg: ~
+    dsa:
+      private_key: '-----BEGIN DSA PRIVATE KEY-----
+
+        NOT_DEFINED
+
+        -----END DSA PRIVATE KEY-----
+  '
+      public_key: 'ssh-dss NOT_DEFINED
+  '
+    ecdsa:
+      private_key: '-----BEGIN EC PRIVATE KEY-----
+
+        NOT_DEFINED
+
+        -----END EC PRIVATE KEY-----
+  '
+      public_key: 'ecdsa-sha2-nistp256 NOT_DEFINED
+  '
+    ed25519:
+      private_key: '-----BEGIN OPENSSH PRIVATE KEY-----
+
+        NOT_DEFINED
+
+        -----END OPENSSH PRIVATE KEY-----
+  '
+      public_key: 'ssh-ed25519 NOT_DEFINED
+  '
+    enforce_rsa_size: false
+    generate_dsa_keys: false
+    generate_ecdsa_keys: false
+    generate_ed25519_keys: false
+    generate_rsa_keys: false
+    generate_rsa_size: 4096
+    host_key_algos: ecdsa,ed25519,rsa
+    known_hosts:
+      aliases:
+      - cname-to-minion.example.org
+      - alias.example.org
+      hostnames: false
+      include_localhost: false
+      mine_hostname_function: public_ssh_hostname
+      mine_keys_function: public_ssh_host_keys
+      omit_ip_address:
+      - github.com
+      salt_ssh:
+        public_ssh_host_keys:
+          minion.id: 'ssh-rsa [...]
+
+            ssh-ed25519 [...]
+  '
+        public_ssh_host_names:
+          minion.id:
+          - minion.id
+          - alias.of.minion.id
+        user: salt-master
+      static:
+        github.com: ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGm[...]
+        gitlab.com: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCsj2bN[...]
+      target: '*'
+      tgt_type: glob
+    moduli: '# Time Type Tests Tries Size Generator Modulus
+
+      20120821045639 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C604293680B09D63
+
+      20120821045830 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C6042936814C2FFB
+
+      20120821050046 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368214FC53
+
+      20120821050054 2 6 100 2047 5 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368218E83F
+  '
+    provide_dsa_keys: false
+    provide_ecdsa_keys: false
+    provide_ed25519_keys: false
+    provide_rsa_keys: false
+    root_group: root
+    rsa:
+      private_key: '-----BEGIN RSA PRIVATE KEY-----
+
+        NOT_DEFINED
+
+        -----END RSA PRIVATE KEY-----
+  '
+      public_key: 'ssh-rsa NOT_DEFINED
+  '
+    server_version: latest
+    service: sshd
+    ssh_config: /etc/ssh/ssh_config
+    ssh_config_backup: true
+    ssh_config_group: wheel
+    ssh_config_mode: '644'
+    ssh_config_src: ssh_config
+    ssh_config_user: root
+    ssh_known_hosts: /etc/ssh/ssh_known_hosts
+    ssh_known_hosts_src: ssh_known_hosts
+    ssh_moduli: /etc/ssh/moduli
+    sshd_binary: /usr/sbin/sshd
+    sshd_config: /etc/ssh/sshd_config
+    sshd_config_backup: true
+    sshd_config_group: wheel
+    sshd_config_mode: '644'
+    sshd_config_src: sshd_config
+    sshd_config_user: root
+    sshd_enable: true
+    tofs:
+      source_files:
+        manage ssh_known_hosts file:
+        - alt_ssh_known_hosts
+        ssh_config:
+        - alt_ssh_config
+        sshd_banner:
+        - fire_banner
+        sshd_config:
+        - alt_sshd_config
+  ssh_config:
+    Hosts:
+      '*':
+        GSSAPIAuthentication: 'yes'
+        HashKnownHosts: 'yes'
+        SendEnv: LANG LC_*
+  sshd_config:
+    AcceptEnv: LANG LC_*
+    ChallengeResponseAuthentication: 'no'
+    PrintMotd: 'no'
+    PubkeyAcceptedAlgorithms: "+ssh-rsa"
+    Subsystem: sftp /usr/lib/openssh/sftp-server
+    X11Forwarding: 'yes'
--- a/test/integration/default/files/_mapdata/openbsd-7.yaml
+++ b/test/integration/default/files/_mapdata/openbsd-7.yaml
@ -0,0 +1,183 @@
+# yamllint disable rule:indentation rule:line-length
+# OpenBSD-7
+---
+values:
+  map_jinja:
+    sources:
+    - Y:G@osarch
+    - Y:G@os_family
+    - Y:G@os
+    - Y:G@osfinger
+    - C:SUB@openssh:lookup
+    - C:SUB@openssh
+    - C:SUB@sshd_config:lookup
+    - C:SUB@sshd_config
+    - C:SUB@ssh_config:lookup
+    - C:SUB@ssh_config
+    - Y:G@id
+  openssh:
+    absent_dsa_keys: false
+    absent_ecdsa_keys: false
+    absent_ed25519_keys: false
+    absent_rsa_keys: false
+    auth:
+      joe-non-valid-ssh-key:
+      - comment: obsolete key - removed
+        enc: ssh-rsa
+        present: false
+        source: salt://ssh_keys/joe.no-valid.pub
+        user: joe
+      joe-valid-ssh-key-desktop:
+      - comment: main key - desktop
+        enc: ssh-rsa
+        present: true
+        source: salt://ssh_keys/joe.desktop.pub
+        user: joe
+      joe-valid-ssh-key-notebook:
+      - comment: main key - notebook
+        enc: ssh-rsa
+        present: true
+        source: salt://ssh_keys/joe.netbook.pub
+        user: joe
+    auth_map:
+      personal_keys:
+        source: salt://ssh_keys
+        users:
+          joe:
+            joe.desktop: {}
+            joe.netbook:
+              options: []
+            joe.no-valid:
+              present: false
+    banner: /etc/ssh/banner
+    banner_src: banner
+    banner_string: 'Welcome to example.net!
+  '
+    client_version: latest
+    dig_pkg: ~
+    dsa:
+      private_key: '-----BEGIN DSA PRIVATE KEY-----
+
+        NOT_DEFINED
+
+        -----END DSA PRIVATE KEY-----
+  '
+      public_key: 'ssh-dss NOT_DEFINED
+  '
+    ecdsa:
+      private_key: '-----BEGIN EC PRIVATE KEY-----
+
+        NOT_DEFINED
+
+        -----END EC PRIVATE KEY-----
+  '
+      public_key: 'ecdsa-sha2-nistp256 NOT_DEFINED
+  '
+    ed25519:
+      private_key: '-----BEGIN OPENSSH PRIVATE KEY-----
+
+        NOT_DEFINED
+
+        -----END OPENSSH PRIVATE KEY-----
+  '
+      public_key: 'ssh-ed25519 NOT_DEFINED
+  '
+    enforce_rsa_size: false
+    generate_dsa_keys: false
+    generate_ecdsa_keys: false
+    generate_ed25519_keys: false
+    generate_rsa_keys: false
+    generate_rsa_size: 4096
+    host_key_algos: ecdsa,ed25519,rsa
+    known_hosts:
+      aliases:
+      - cname-to-minion.example.org
+      - alias.example.org
+      hostnames: false
+      include_localhost: false
+      mine_hostname_function: public_ssh_hostname
+      mine_keys_function: public_ssh_host_keys
+      omit_ip_address:
+      - github.com
+      salt_ssh:
+        public_ssh_host_keys:
+          minion.id: 'ssh-rsa [...]
+
+            ssh-ed25519 [...]
+  '
+        public_ssh_host_names:
+          minion.id:
+          - minion.id
+          - alias.of.minion.id
+        user: salt-master
+      static:
+        github.com: ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGm[...]
+        gitlab.com: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCsj2bN[...]
+      target: '*'
+      tgt_type: glob
+    moduli: '# Time Type Tests Tries Size Generator Modulus
+
+      20120821045639 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C604293680B09D63
+
+      20120821045830 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C6042936814C2FFB
+
+      20120821050046 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368214FC53
+
+      20120821050054 2 6 100 2047 5 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368218E83F
+  '
+    provide_dsa_keys: false
+    provide_ecdsa_keys: false
+    provide_ed25519_keys: false
+    provide_rsa_keys: false
+    root_group: root
+    rsa:
+      private_key: '-----BEGIN RSA PRIVATE KEY-----
+
+        NOT_DEFINED
+
+        -----END RSA PRIVATE KEY-----
+  '
+      public_key: 'ssh-rsa NOT_DEFINED
+  '
+    server_version: latest
+    service: sshd
+    ssh_config: /etc/ssh/ssh_config
+    ssh_config_backup: true
+    ssh_config_group: wheel
+    ssh_config_mode: '644'
+    ssh_config_src: ssh_config
+    ssh_config_user: root
+    ssh_known_hosts: /etc/ssh/ssh_known_hosts
+    ssh_known_hosts_src: ssh_known_hosts
+    ssh_moduli: /etc/ssh/moduli
+    sshd_binary: /usr/sbin/sshd
+    sshd_config: /etc/ssh/sshd_config
+    sshd_config_backup: true
+    sshd_config_group: wheel
+    sshd_config_mode: '644'
+    sshd_config_src: sshd_config
+    sshd_config_user: root
+    sshd_enable: true
+    tofs:
+      source_files:
+        manage ssh_known_hosts file:
+        - alt_ssh_known_hosts
+        ssh_config:
+        - alt_ssh_config
+        sshd_banner:
+        - fire_banner
+        sshd_config:
+        - alt_sshd_config
+  ssh_config:
+    Hosts:
+      '*':
+        GSSAPIAuthentication: 'yes'
+        HashKnownHosts: 'yes'
+        SendEnv: LANG LC_*
+  sshd_config:
+    AcceptEnv: LANG LC_*
+    ChallengeResponseAuthentication: 'no'
+    PrintMotd: 'no'
+    PubkeyAcceptedAlgorithms: "+ssh-rsa"
+    Subsystem: sftp /usr/lib/openssh/sftp-server
+    X11Forwarding: 'yes'
--- a/test/integration/default/files/_mapdata/opensuse-tumbleweed.yaml
+++ b/test/integration/default/files/_mapdata/opensuse-tumbleweed.yaml
@ -0,0 +1,186 @@
+# yamllint disable rule:indentation rule:line-length
+# openSUSE Tumbleweed-yyyymmdd
+---
+values:
+  map_jinja:
+    sources:
+    - Y:G@osarch
+    - Y:G@os_family
+    - Y:G@os
+    - Y:G@osfinger
+    - C:SUB@openssh:lookup
+    - C:SUB@openssh
+    - C:SUB@sshd_config:lookup
+    - C:SUB@sshd_config
+    - C:SUB@ssh_config:lookup
+    - C:SUB@ssh_config
+    - Y:G@id
+  openssh:
+    absent_dsa_keys: false
+    absent_ecdsa_keys: false
+    absent_ed25519_keys: false
+    absent_rsa_keys: false
+    auth:
+      joe-non-valid-ssh-key:
+      - comment: obsolete key - removed
+        enc: ssh-rsa
+        present: false
+        source: salt://ssh_keys/joe.no-valid.pub
+        user: joe
+      joe-valid-ssh-key-desktop:
+      - comment: main key - desktop
+        enc: ssh-rsa
+        present: true
+        source: salt://ssh_keys/joe.desktop.pub
+        user: joe
+      joe-valid-ssh-key-notebook:
+      - comment: main key - notebook
+        enc: ssh-rsa
+        present: true
+        source: salt://ssh_keys/joe.netbook.pub
+        user: joe
+    auth_map:
+      personal_keys:
+        source: salt://ssh_keys
+        users:
+          joe:
+            joe.desktop: {}
+            joe.netbook:
+              options: []
+            joe.no-valid:
+              present: false
+    banner: /etc/ssh/banner
+    banner_src: banner
+    banner_string: 'Welcome to example.net!
+  '
+    client: openssh
+    client_version: latest
+    dig_pkg: bind-utils
+    dsa:
+      private_key: '-----BEGIN DSA PRIVATE KEY-----
+
+        NOT_DEFINED
+
+        -----END DSA PRIVATE KEY-----
+  '
+      public_key: 'ssh-dss NOT_DEFINED
+  '
+    ecdsa:
+      private_key: '-----BEGIN EC PRIVATE KEY-----
+
+        NOT_DEFINED
+
+        -----END EC PRIVATE KEY-----
+  '
+      public_key: 'ecdsa-sha2-nistp256 NOT_DEFINED
+  '
+    ed25519:
+      private_key: '-----BEGIN OPENSSH PRIVATE KEY-----
+
+        NOT_DEFINED
+
+        -----END OPENSSH PRIVATE KEY-----
+  '
+      public_key: 'ssh-ed25519 NOT_DEFINED
+  '
+    enforce_rsa_size: false
+    generate_dsa_keys: false
+    generate_ecdsa_keys: false
+    generate_ed25519_keys: false
+    generate_rsa_keys: false
+    generate_rsa_size: 4096
+    host_key_algos: ecdsa,ed25519,rsa
+    known_hosts:
+      aliases:
+      - cname-to-minion.example.org
+      - alias.example.org
+      hostnames: false
+      include_localhost: false
+      mine_hostname_function: public_ssh_hostname
+      mine_keys_function: public_ssh_host_keys
+      omit_ip_address:
+      - github.com
+      salt_ssh:
+        public_ssh_host_keys:
+          minion.id: 'ssh-rsa [...]
+
+            ssh-ed25519 [...]
+  '
+        public_ssh_host_names:
+          minion.id:
+          - minion.id
+          - alias.of.minion.id
+        user: salt-master
+      static:
+        github.com: ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGm[...]
+        gitlab.com: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCsj2bN[...]
+      target: '*'
+      tgt_type: glob
+    moduli: '# Time Type Tests Tries Size Generator Modulus
+
+      20120821045639 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C604293680B09D63
+
+      20120821045830 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C6042936814C2FFB
+
+      20120821050046 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368214FC53
+
+      20120821050054 2 6 100 2047 5 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368218E83F
+  '
+    provide_dsa_keys: false
+    provide_ecdsa_keys: false
+    provide_ed25519_keys: false
+    provide_rsa_keys: false
+    root_group: root
+    rsa:
+      private_key: '-----BEGIN RSA PRIVATE KEY-----
+
+        NOT_DEFINED
+
+        -----END RSA PRIVATE KEY-----
+  '
+      public_key: 'ssh-rsa NOT_DEFINED
+  '
+    server: openssh
+    server_version: latest
+    service: sshd
+    ssh_config: /etc/ssh/ssh_config
+    ssh_config_backup: true
+    ssh_config_group: root
+    ssh_config_mode: '644'
+    ssh_config_src: ssh_config
+    ssh_config_user: root
+    ssh_known_hosts: /etc/ssh/ssh_known_hosts
+    ssh_known_hosts_src: ssh_known_hosts
+    ssh_moduli: /etc/ssh/moduli
+    sshd_binary: /usr/sbin/sshd
+    sshd_config: /etc/ssh/sshd_config
+    sshd_config_backup: true
+    sshd_config_group: root
+    sshd_config_mode: '644'
+    sshd_config_src: sshd_config
+    sshd_config_user: root
+    sshd_enable: true
+    tofs:
+      source_files:
+        manage ssh_known_hosts file:
+        - alt_ssh_known_hosts
+        ssh_config:
+        - alt_ssh_config
+        sshd_banner:
+        - fire_banner
+        sshd_config:
+        - alt_sshd_config
+  ssh_config:
+    Hosts:
+      '*':
+        GSSAPIAuthentication: 'yes'
+        HashKnownHosts: 'yes'
+        SendEnv: LANG LC_*
+  sshd_config:
+    AcceptEnv: LANG LC_*
+    ChallengeResponseAuthentication: 'no'
+    PrintMotd: 'no'
+    PubkeyAcceptedAlgorithms: "+ssh-rsa"
+    Subsystem: sftp /usr/lib/openssh/sftp-server
+    UsePAM: 'yes'
+    X11Forwarding: 'yes'
--- a/test/integration/default/files/_mapdata/oraclelinux-7.yaml
+++ b/test/integration/default/files/_mapdata/oraclelinux-7.yaml
@ -0,0 +1,185 @@
+# yamllint disable rule:indentation rule:line-length
+# Oracle Linux Server-7
+---
+values:
+  map_jinja:
+    sources:
+    - Y:G@osarch
+    - Y:G@os_family
+    - Y:G@os
+    - Y:G@osfinger
+    - C:SUB@openssh:lookup
+    - C:SUB@openssh
+    - C:SUB@sshd_config:lookup
+    - C:SUB@sshd_config
+    - C:SUB@ssh_config:lookup
+    - C:SUB@ssh_config
+    - Y:G@id
+  openssh:
+    absent_dsa_keys: false
+    absent_ecdsa_keys: false
+    absent_ed25519_keys: false
+    absent_rsa_keys: false
+    auth:
+      joe-non-valid-ssh-key:
+      - comment: obsolete key - removed
+        enc: ssh-rsa
+        present: false
+        source: salt://ssh_keys/joe.no-valid.pub
+        user: joe
+      joe-valid-ssh-key-desktop:
+      - comment: main key - desktop
+        enc: ssh-rsa
+        present: true
+        source: salt://ssh_keys/joe.desktop.pub
+        user: joe
+      joe-valid-ssh-key-notebook:
+      - comment: main key - notebook
+        enc: ssh-rsa
+        present: true
+        source: salt://ssh_keys/joe.netbook.pub
+        user: joe
+    auth_map:
+      personal_keys:
+        source: salt://ssh_keys
+        users:
+          joe:
+            joe.desktop: {}
+            joe.netbook:
+              options: []
+            joe.no-valid:
+              present: false
+    banner: /etc/ssh/banner
+    banner_src: banner
+    banner_string: 'Welcome to example.net!
+  '
+    client: openssh-clients
+    client_version: latest
+    dig_pkg: bind-utils
+    dsa:
+      private_key: '-----BEGIN DSA PRIVATE KEY-----
+
+        NOT_DEFINED
+
+        -----END DSA PRIVATE KEY-----
+  '
+      public_key: 'ssh-dss NOT_DEFINED
+  '
+    ecdsa:
+      private_key: '-----BEGIN EC PRIVATE KEY-----
+
+        NOT_DEFINED
+
+        -----END EC PRIVATE KEY-----
+  '
+      public_key: 'ecdsa-sha2-nistp256 NOT_DEFINED
+  '
+    ed25519:
+      private_key: '-----BEGIN OPENSSH PRIVATE KEY-----
+
+        NOT_DEFINED
+
+        -----END OPENSSH PRIVATE KEY-----
+  '
+      public_key: 'ssh-ed25519 NOT_DEFINED
+  '
+    enforce_rsa_size: false
+    generate_dsa_keys: false
+    generate_ecdsa_keys: false
+    generate_ed25519_keys: false
+    generate_rsa_keys: false
+    generate_rsa_size: 4096
+    host_key_algos: ecdsa,ed25519,rsa
+    known_hosts:
+      aliases:
+      - cname-to-minion.example.org
+      - alias.example.org
+      hostnames: false
+      include_localhost: false
+      mine_hostname_function: public_ssh_hostname
+      mine_keys_function: public_ssh_host_keys
+      omit_ip_address:
+      - github.com
+      salt_ssh:
+        public_ssh_host_keys:
+          minion.id: 'ssh-rsa [...]
+
+            ssh-ed25519 [...]
+  '
+        public_ssh_host_names:
+          minion.id:
+          - minion.id
+          - alias.of.minion.id
+        user: salt-master
+      static:
+        github.com: ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGm[...]
+        gitlab.com: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCsj2bN[...]
+      target: '*'
+      tgt_type: glob
+    moduli: '# Time Type Tests Tries Size Generator Modulus
+
+      20120821045639 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C604293680B09D63
+
+      20120821045830 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C6042936814C2FFB
+
+      20120821050046 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368214FC53
+
+      20120821050054 2 6 100 2047 5 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368218E83F
+  '
+    provide_dsa_keys: false
+    provide_ecdsa_keys: false
+    provide_ed25519_keys: false
+    provide_rsa_keys: false
+    root_group: root
+    rsa:
+      private_key: '-----BEGIN RSA PRIVATE KEY-----
+
+        NOT_DEFINED
+
+        -----END RSA PRIVATE KEY-----
+  '
+      public_key: 'ssh-rsa NOT_DEFINED
+  '
+    server: openssh-server
+    server_version: latest
+    service: sshd
+    ssh_config: /etc/ssh/ssh_config
+    ssh_config_backup: true
+    ssh_config_group: root
+    ssh_config_mode: '644'
+    ssh_config_src: ssh_config
+    ssh_config_user: root
+    ssh_known_hosts: /etc/ssh/ssh_known_hosts
+    ssh_known_hosts_src: ssh_known_hosts
+    ssh_moduli: /etc/ssh/moduli
+    sshd_binary: /usr/sbin/sshd
+    sshd_config: /etc/ssh/sshd_config
+    sshd_config_backup: true
+    sshd_config_group: root
+    sshd_config_mode: '644'
+    sshd_config_src: sshd_config
+    sshd_config_user: root
+    sshd_enable: true
+    tofs:
+      source_files:
+        manage ssh_known_hosts file:
+        - alt_ssh_known_hosts
+        ssh_config:
+        - alt_ssh_config
+        sshd_banner:
+        - fire_banner
+        sshd_config:
+        - alt_sshd_config
+  ssh_config:
+    Hosts:
+      '*':
+        GSSAPIAuthentication: 'yes'
+        HashKnownHosts: 'yes'
+        SendEnv: LANG LC_*
+  sshd_config:
+    AcceptEnv: LANG LC_*
+    ChallengeResponseAuthentication: 'no'
+    PrintMotd: 'no'
+    Subsystem: sftp /usr/lib/openssh/sftp-server
+    UsePAM: 'yes'
+    X11Forwarding: 'yes'
--- a/test/integration/default/files/_mapdata/oraclelinux-8.yaml
+++ b/test/integration/default/files/_mapdata/oraclelinux-8.yaml
@ -0,0 +1,185 @@
+# yamllint disable rule:indentation rule:line-length
+# Oracle Linux Server-8
+---
+values:
+  map_jinja:
+    sources:
+    - Y:G@osarch
+    - Y:G@os_family
+    - Y:G@os
+    - Y:G@osfinger
+    - C:SUB@openssh:lookup
+    - C:SUB@openssh
+    - C:SUB@sshd_config:lookup
+    - C:SUB@sshd_config
+    - C:SUB@ssh_config:lookup
+    - C:SUB@ssh_config
+    - Y:G@id
+  openssh:
+    absent_dsa_keys: false
+    absent_ecdsa_keys: false
+    absent_ed25519_keys: false
+    absent_rsa_keys: false
+    auth:
+      joe-non-valid-ssh-key:
+      - comment: obsolete key - removed
+        enc: ssh-rsa
+        present: false
+        source: salt://ssh_keys/joe.no-valid.pub
+        user: joe
+      joe-valid-ssh-key-desktop:
+      - comment: main key - desktop
+        enc: ssh-rsa
+        present: true
+        source: salt://ssh_keys/joe.desktop.pub
+        user: joe
+      joe-valid-ssh-key-notebook:
+      - comment: main key - notebook
+        enc: ssh-rsa
+        present: true
+        source: salt://ssh_keys/joe.netbook.pub
+        user: joe
+    auth_map:
+      personal_keys:
+        source: salt://ssh_keys
+        users:
+          joe:
+            joe.desktop: {}
+            joe.netbook:
+              options: []
+            joe.no-valid:
+              present: false
+    banner: /etc/ssh/banner
+    banner_src: banner
+    banner_string: 'Welcome to example.net!
+  '
+    client: openssh-clients
+    client_version: latest
+    dig_pkg: bind-utils
+    dsa:
+      private_key: '-----BEGIN DSA PRIVATE KEY-----
+
+        NOT_DEFINED
+
+        -----END DSA PRIVATE KEY-----
+  '
+      public_key: 'ssh-dss NOT_DEFINED
+  '
+    ecdsa:
+      private_key: '-----BEGIN EC PRIVATE KEY-----
+
+        NOT_DEFINED
+
+        -----END EC PRIVATE KEY-----
+  '
+      public_key: 'ecdsa-sha2-nistp256 NOT_DEFINED
+  '
+    ed25519:
+      private_key: '-----BEGIN OPENSSH PRIVATE KEY-----
+
+        NOT_DEFINED
+
+        -----END OPENSSH PRIVATE KEY-----
+  '
+      public_key: 'ssh-ed25519 NOT_DEFINED
+  '
+    enforce_rsa_size: false
+    generate_dsa_keys: false
+    generate_ecdsa_keys: false
+    generate_ed25519_keys: false
+    generate_rsa_keys: false
+    generate_rsa_size: 4096
+    host_key_algos: ecdsa,ed25519,rsa
+    known_hosts:
+      aliases:
+      - cname-to-minion.example.org
+      - alias.example.org
+      hostnames: false
+      include_localhost: false
+      mine_hostname_function: public_ssh_hostname
+      mine_keys_function: public_ssh_host_keys
+      omit_ip_address:
+      - github.com
+      salt_ssh:
+        public_ssh_host_keys:
+          minion.id: 'ssh-rsa [...]
+
+            ssh-ed25519 [...]
+  '
+        public_ssh_host_names:
+          minion.id:
+          - minion.id
+          - alias.of.minion.id
+        user: salt-master
+      static:
+        github.com: ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGm[...]
+        gitlab.com: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCsj2bN[...]
+      target: '*'
+      tgt_type: glob
+    moduli: '# Time Type Tests Tries Size Generator Modulus
+
+      20120821045639 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C604293680B09D63
+
+      20120821045830 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C6042936814C2FFB
+
+      20120821050046 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368214FC53
+
+      20120821050054 2 6 100 2047 5 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368218E83F
+  '
+    provide_dsa_keys: false
+    provide_ecdsa_keys: false
+    provide_ed25519_keys: false
+    provide_rsa_keys: false
+    root_group: root
+    rsa:
+      private_key: '-----BEGIN RSA PRIVATE KEY-----
+
+        NOT_DEFINED
+
+        -----END RSA PRIVATE KEY-----
+  '
+      public_key: 'ssh-rsa NOT_DEFINED
+  '
+    server: openssh-server
+    server_version: latest
+    service: sshd
+    ssh_config: /etc/ssh/ssh_config
+    ssh_config_backup: true
+    ssh_config_group: root
+    ssh_config_mode: '644'
+    ssh_config_src: ssh_config
+    ssh_config_user: root
+    ssh_known_hosts: /etc/ssh/ssh_known_hosts
+    ssh_known_hosts_src: ssh_known_hosts
+    ssh_moduli: /etc/ssh/moduli
+    sshd_binary: /usr/sbin/sshd
+    sshd_config: /etc/ssh/sshd_config
+    sshd_config_backup: true
+    sshd_config_group: root
+    sshd_config_mode: '644'
+    sshd_config_src: sshd_config
+    sshd_config_user: root
+    sshd_enable: true
+    tofs:
+      source_files:
+        manage ssh_known_hosts file:
+        - alt_ssh_known_hosts
+        ssh_config:
+        - alt_ssh_config
+        sshd_banner:
+        - fire_banner
+        sshd_config:
+        - alt_sshd_config
+  ssh_config:
+    Hosts:
+      '*':
+        GSSAPIAuthentication: 'yes'
+        HashKnownHosts: 'yes'
+        SendEnv: LANG LC_*
+  sshd_config:
+    AcceptEnv: LANG LC_*
+    ChallengeResponseAuthentication: 'no'
+    PrintMotd: 'no'
+    Subsystem: sftp /usr/lib/openssh/sftp-server
+    UsePAM: 'yes'
+    X11Forwarding: 'yes'
--- a/test/integration/default/files/_mapdata/rockylinux-8.yaml
+++ b/test/integration/default/files/_mapdata/rockylinux-8.yaml
@ -0,0 +1,185 @@
+# yamllint disable rule:indentation rule:line-length
+# Rocky Linux-8
+---
+values:
+  map_jinja:
+    sources:
+    - Y:G@osarch
+    - Y:G@os_family
+    - Y:G@os
+    - Y:G@osfinger
+    - C:SUB@openssh:lookup
+    - C:SUB@openssh
+    - C:SUB@sshd_config:lookup
+    - C:SUB@sshd_config
+    - C:SUB@ssh_config:lookup
+    - C:SUB@ssh_config
+    - Y:G@id
+  openssh:
+    absent_dsa_keys: false
+    absent_ecdsa_keys: false
+    absent_ed25519_keys: false
+    absent_rsa_keys: false
+    auth:
+      joe-non-valid-ssh-key:
+      - comment: obsolete key - removed
+        enc: ssh-rsa
+        present: false
+        source: salt://ssh_keys/joe.no-valid.pub
+        user: joe
+      joe-valid-ssh-key-desktop:
+      - comment: main key - desktop
+        enc: ssh-rsa
+        present: true
+        source: salt://ssh_keys/joe.desktop.pub
+        user: joe
+      joe-valid-ssh-key-notebook:
+      - comment: main key - notebook
+        enc: ssh-rsa
+        present: true
+        source: salt://ssh_keys/joe.netbook.pub
+        user: joe
+    auth_map:
+      personal_keys:
+        source: salt://ssh_keys
+        users:
+          joe:
+            joe.desktop: {}
+            joe.netbook:
+              options: []
+            joe.no-valid:
+              present: false
+    banner: /etc/ssh/banner
+    banner_src: banner
+    banner_string: 'Welcome to example.net!
+  '
+    client: openssh-clients
+    client_version: latest
+    dig_pkg: bind-utils
+    dsa:
+      private_key: '-----BEGIN DSA PRIVATE KEY-----
+
+        NOT_DEFINED
+
+        -----END DSA PRIVATE KEY-----
+  '
+      public_key: 'ssh-dss NOT_DEFINED
+  '
+    ecdsa:
+      private_key: '-----BEGIN EC PRIVATE KEY-----
+
+        NOT_DEFINED
+
+        -----END EC PRIVATE KEY-----
+  '
+      public_key: 'ecdsa-sha2-nistp256 NOT_DEFINED
+  '
+    ed25519:
+      private_key: '-----BEGIN OPENSSH PRIVATE KEY-----
+
+        NOT_DEFINED
+
+        -----END OPENSSH PRIVATE KEY-----
+  '
+      public_key: 'ssh-ed25519 NOT_DEFINED
+  '
+    enforce_rsa_size: false
+    generate_dsa_keys: false
+    generate_ecdsa_keys: false
+    generate_ed25519_keys: false
+    generate_rsa_keys: false
+    generate_rsa_size: 4096
+    host_key_algos: ecdsa,ed25519,rsa
+    known_hosts:
+      aliases:
+      - cname-to-minion.example.org
+      - alias.example.org
+      hostnames: false
+      include_localhost: false
+      mine_hostname_function: public_ssh_hostname
+      mine_keys_function: public_ssh_host_keys
+      omit_ip_address:
+      - github.com
+      salt_ssh:
+        public_ssh_host_keys:
+          minion.id: 'ssh-rsa [...]
+
+            ssh-ed25519 [...]
+  '
+        public_ssh_host_names:
+          minion.id:
+          - minion.id
+          - alias.of.minion.id
+        user: salt-master
+      static:
+        github.com: ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGm[...]
+        gitlab.com: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCsj2bN[...]
+      target: '*'
+      tgt_type: glob
+    moduli: '# Time Type Tests Tries Size Generator Modulus
+
+      20120821045639 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C604293680B09D63
+
+      20120821045830 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C6042936814C2FFB
+
+      20120821050046 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368214FC53
+
+      20120821050054 2 6 100 2047 5 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368218E83F
+  '
+    provide_dsa_keys: false
+    provide_ecdsa_keys: false
+    provide_ed25519_keys: false
+    provide_rsa_keys: false
+    root_group: root
+    rsa:
+      private_key: '-----BEGIN RSA PRIVATE KEY-----
+
+        NOT_DEFINED
+
+        -----END RSA PRIVATE KEY-----
+  '
+      public_key: 'ssh-rsa NOT_DEFINED
+  '
+    server: openssh-server
+    server_version: latest
+    service: sshd
+    ssh_config: /etc/ssh/ssh_config
+    ssh_config_backup: true
+    ssh_config_group: root
+    ssh_config_mode: '644'
+    ssh_config_src: ssh_config
+    ssh_config_user: root
+    ssh_known_hosts: /etc/ssh/ssh_known_hosts
+    ssh_known_hosts_src: ssh_known_hosts
+    ssh_moduli: /etc/ssh/moduli
+    sshd_binary: /usr/sbin/sshd
+    sshd_config: /etc/ssh/sshd_config
+    sshd_config_backup: true
+    sshd_config_group: root
+    sshd_config_mode: '644'
+    sshd_config_src: sshd_config
+    sshd_config_user: root
+    sshd_enable: true
+    tofs:
+      source_files:
+        manage ssh_known_hosts file:
+        - alt_ssh_known_hosts
+        ssh_config:
+        - alt_ssh_config
+        sshd_banner:
+        - fire_banner
+        sshd_config:
+        - alt_sshd_config
+  ssh_config:
+    Hosts:
+      '*':
+        GSSAPIAuthentication: 'yes'
+        HashKnownHosts: 'yes'
+        SendEnv: LANG LC_*
+  sshd_config:
+    AcceptEnv: LANG LC_*
+    ChallengeResponseAuthentication: 'no'
+    PrintMotd: 'no'
+    Subsystem: sftp /usr/lib/openssh/sftp-server
+    UsePAM: 'yes'
+    X11Forwarding: 'yes'
--- a/test/integration/default/files/_mapdata/ubuntu-22.yaml
+++ b/test/integration/default/files/_mapdata/ubuntu-22.yaml
@ -0,0 +1,186 @@
+# yamllint disable rule:indentation rule:line-length
+# Ubuntu-22.04
+---
+values:
+  map_jinja:
+    sources:
+    - Y:G@osarch
+    - Y:G@os_family
+    - Y:G@os
+    - Y:G@osfinger
+    - C:SUB@openssh:lookup
+    - C:SUB@openssh
+    - C:SUB@sshd_config:lookup
+    - C:SUB@sshd_config
+    - C:SUB@ssh_config:lookup
+    - C:SUB@ssh_config
+    - Y:G@id
+  openssh:
+    absent_dsa_keys: false
+    absent_ecdsa_keys: false
+    absent_ed25519_keys: false
+    absent_rsa_keys: false
+    auth:
+      joe-non-valid-ssh-key:
+      - comment: obsolete key - removed
+        enc: ssh-rsa
+        present: false
+        source: salt://ssh_keys/joe.no-valid.pub
+        user: joe
+      joe-valid-ssh-key-desktop:
+      - comment: main key - desktop
+        enc: ssh-rsa
+        present: true
+        source: salt://ssh_keys/joe.desktop.pub
+        user: joe
+      joe-valid-ssh-key-notebook:
+      - comment: main key - notebook
+        enc: ssh-rsa
+        present: true
+        source: salt://ssh_keys/joe.netbook.pub
+        user: joe
+    auth_map:
+      personal_keys:
+        source: salt://ssh_keys
+        users:
+          joe:
+            joe.desktop: {}
+            joe.netbook:
+              options: []
+            joe.no-valid:
+              present: false
+    banner: /etc/ssh/banner
+    banner_src: banner
+    banner_string: 'Welcome to example.net!
+  '
+    client: openssh-client
+    client_version: latest
+    dig_pkg: dnsutils
+    dsa:
+      private_key: '-----BEGIN DSA PRIVATE KEY-----
+
+        NOT_DEFINED
+
+        -----END DSA PRIVATE KEY-----
+  '
+      public_key: 'ssh-dss NOT_DEFINED
+  '
+    ecdsa:
+      private_key: '-----BEGIN EC PRIVATE KEY-----
+
+        NOT_DEFINED
+
+        -----END EC PRIVATE KEY-----
+  '
+      public_key: 'ecdsa-sha2-nistp256 NOT_DEFINED
+  '
+    ed25519:
+      private_key: '-----BEGIN OPENSSH PRIVATE KEY-----
+
+        NOT_DEFINED
+
+        -----END OPENSSH PRIVATE KEY-----
+  '
+      public_key: 'ssh-ed25519 NOT_DEFINED
+  '
+    enforce_rsa_size: false
+    generate_dsa_keys: false
+    generate_ecdsa_keys: false
+    generate_ed25519_keys: false
+    generate_rsa_keys: false
+    generate_rsa_size: 4096
+    host_key_algos: ecdsa,ed25519,rsa
+    known_hosts:
+      aliases:
+      - cname-to-minion.example.org
+      - alias.example.org
+      hostnames: false
+      include_localhost: false
+      mine_hostname_function: public_ssh_hostname
+      mine_keys_function: public_ssh_host_keys
+      omit_ip_address:
+      - github.com
+      salt_ssh:
+        public_ssh_host_keys:
+          minion.id: 'ssh-rsa [...]
+
+            ssh-ed25519 [...]
+  '
+        public_ssh_host_names:
+          minion.id:
+          - minion.id
+          - alias.of.minion.id
+        user: salt-master
+      static:
+        github.com: ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGm[...]
+        gitlab.com: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCsj2bN[...]
+      target: '*'
+      tgt_type: glob
+    moduli: '# Time Type Tests Tries Size Generator Modulus
+
+      20120821045639 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C604293680B09D63
+
+      20120821045830 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C6042936814C2FFB
+
+      20120821050046 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368214FC53
+
+      20120821050054 2 6 100 2047 5 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368218E83F
+  '
+    provide_dsa_keys: false
+    provide_ecdsa_keys: false
+    provide_ed25519_keys: false
+    provide_rsa_keys: false
+    root_group: root
+    rsa:
+      private_key: '-----BEGIN RSA PRIVATE KEY-----
+
+        NOT_DEFINED
+
+        -----END RSA PRIVATE KEY-----
+  '
+      public_key: 'ssh-rsa NOT_DEFINED
+  '
+    server: openssh-server
+    server_version: latest
+    service: ssh
+    ssh_config: /etc/ssh/ssh_config
+    ssh_config_backup: true
+    ssh_config_group: root
+    ssh_config_mode: '644'
+    ssh_config_src: ssh_config
+    ssh_config_user: root
+    ssh_known_hosts: /etc/ssh/ssh_known_hosts
+    ssh_known_hosts_src: ssh_known_hosts
+    ssh_moduli: /etc/ssh/moduli
+    sshd_binary: /usr/sbin/sshd
+    sshd_config: /etc/ssh/sshd_config
+    sshd_config_backup: true
+    sshd_config_group: root
+    sshd_config_mode: '644'
+    sshd_config_src: sshd_config
+    sshd_config_user: root
+    sshd_enable: true
+    tofs:
+      source_files:
+        manage ssh_known_hosts file:
+        - alt_ssh_known_hosts
+        ssh_config:
+        - alt_ssh_config
+        sshd_banner:
+        - fire_banner
+        sshd_config:
+        - alt_sshd_config
+  ssh_config:
+    Hosts:
+      '*':
+        GSSAPIAuthentication: 'yes'
+        HashKnownHosts: 'yes'
+        SendEnv: LANG LC_*
+  sshd_config:
+    AcceptEnv: LANG LC_*
+    ChallengeResponseAuthentication: 'no'
+    PrintMotd: 'no'
+    PubkeyAcceptedAlgorithms: "+ssh-rsa"
+    Subsystem: sftp /usr/lib/openssh/sftp-server
+    UsePAM: 'yes'
+    X11Forwarding: 'yes'
--- a/test/integration/default/inspec.yml
+++ b/test/integration/default/inspec.yml
@ -17,5 +17,12 @@ supports:
  - platform-name: opensuse
  - platform-name: suse
  - platform-name: freebsd
+  - platform-name: openbsd
  - platform-name: amazon
+  - platform-name: oracle
  - platform-name: arch
+  - platform-name: gentoo
+  - platform-name: almalinux
+  - platform-name: rocky
+  - platform-name: mac_os_x
+  - platform: windows
--- a/test/integration/share/README.md
+++ b/test/integration/share/README.md
@ -13,9 +13,10 @@ The `system` library provides easy access to system dependent information:
 - `system.platform`: based on `inspec.platform`, modify to values that are more consistent from a SaltStack perspective
  - `system.platform[:family]` provide a family name for Arch and Gentoo
  - `system.platform[:name]` append `linux` to both `amazon` and `oracle`; ensure Windows platforms are resolved as simply `windows`
-  - `system.platform[:release]` tweak Arch, Amazon Linux, Gentoo and Windows:
+  - `system.platform[:release]` tweak Arch, Amazon Linux, Gentoo, openSUSE and Windows:
    - `Arch` is always `base-latest`
    - `Amazon Linux` release `2018` is resolved as `1`
    - `Gentoo` release is trimmed to its major version number and then the init system is appended (i.e. `sysv` or `sysd`)
+    - `openSUSE` is resolved as `tumbleweed` if the `platform[:release]` is in date format
    - `Windows` uses the widely-used release number (e.g. `8.1` or `2019-server`) in place of the actual system release version
  - `system.platform[:finger]` is the concatenation of the name and the major release number (except for Ubuntu, which gives `ubuntu-20.04` for example)
--- a/test/integration/share/inspec.yml
+++ b/test/integration/share/inspec.yml
@ -14,8 +14,12 @@ supports:
  - platform-name: opensuse
  - platform-name: suse
  - platform-name: freebsd
+  - platform-name: openbsd
  - platform-name: amazon
  - platform-name: oracle
  - platform-name: arch
  - platform-name: gentoo
+  - platform-name: almalinux
+  - platform-name: rocky
+  - platform-name: mac_os_x
  - platform: windows
--- a/test/integration/share/libraries/system.rb
+++ b/test/integration/share/libraries/system.rb
@ -4,6 +4,7 @@
 # Author: Daniel Dehennin <daniel.dehennin@ac-dijon.fr>
 # Copyright (C) 2020 Daniel Dehennin <daniel.dehennin@ac-dijon.fr>

+# rubocop:disable Metrics/ClassLength
 class SystemResource < Inspec.resource(1)
  name 'system'

@ -21,7 +22,8 @@ class SystemResource < Inspec.resource(1)
      family: build_platform_family,
      name: build_platform_name,
      release: build_platform_release,
-      finger: build_platform_finger
+      finger: build_platform_finger,
+      codename: build_platform_codename
    }
  end

@ -36,42 +38,47 @@ class SystemResource < Inspec.resource(1)

  def build_platform_name
    case inspec.platform[:name]
-    when 'amazon', 'oracle'
+    when 'amazon', 'oracle', 'rocky'
      "#{inspec.platform[:name]}linux"
-    when 'windows_8.1_pro', 'windows_server_2019_datacenter'
-      'windows'
+    when /^windows_/
+      inspec.platform[:family]
    else
      inspec.platform[:name]
    end
  end

-  # rubocop:disable Metrics/MethodLength
+  # rubocop:disable Metrics/MethodLength,Metrics/AbcSize,Metrics/CyclomaticComplexity
  def build_platform_release
    case inspec.platform[:name]
    when 'amazon'
-      # `2018` relase is named `1` in kitchen.yaml
+      # `2018` relase is named `1` in `kitchen.yml`
      inspec.platform[:release].gsub(/2018.*/, '1')
    when 'arch'
      'base-latest'
    when 'gentoo'
      "#{inspec.platform[:release].split('.')[0]}-#{derive_gentoo_init_system}"
+    when 'mac_os_x'
+      inspec.command('sw_vers -productVersion').stdout.to_s
+    when 'opensuse'
+      # rubocop:disable Style/NumericLiterals,Layout/LineLength
+      inspec.platform[:release].to_i > 20210101 ? 'tumbleweed' : inspec.platform[:release]
+      # rubocop:enable Style/NumericLiterals,Layout/LineLength
    when 'windows_8.1_pro'
      '8.1'
+    when 'windows_server_2022_datacenter'
+      '2022-server'
    when 'windows_server_2019_datacenter'
      '2019-server'
+    when 'windows_server_2016_datacenter'
+      '2016-server'
    else
      inspec.platform[:release]
    end
  end
-  # rubocop:enable Metrics/MethodLength
+  # rubocop:enable Metrics/MethodLength,Metrics/AbcSize,Metrics/CyclomaticComplexity

  def derive_gentoo_init_system
-    case inspec.command('systemctl').exist?
-    when true
-      'sysd'
-    else
-      'sysv'
-    end
+    inspec.command('systemctl').exist? ? 'sysd' : 'sysv'
  end

  def build_platform_finger
@ -86,4 +93,46 @@ class SystemResource < Inspec.resource(1)
      build_platform_release.split('.')[0]
    end
  end
+
+  # rubocop:disable Metrics/MethodLength,Metrics/CyclomaticComplexity
+  def build_platform_codename
+    case build_platform_finger
+    when 'ubuntu-22.04'
+      'jammy'
+    when 'ubuntu-20.04'
+      'focal'
+    when 'ubuntu-18.04'
+      'bionic'
+    when 'debian-11'
+      'bullseye'
+    when 'debian-10'
+      'buster'
+    when 'debian-9'
+      'stretch'
+    when 'almalinux-8'
+      "AlmaLinux #{build_platform_release} (Arctic Sphynx)"
+    when 'amazonlinux-2'
+      'Amazon Linux 2'
+    when 'arch-base-latest'
+      'Arch Linux'
+    when 'centos-7'
+      'CentOS Linux 7 (Core)'
+    when 'centos-8'
+      'CentOS Stream 8'
+    when 'opensuse-tumbleweed'
+      'openSUSE Tumbleweed'
+    when 'opensuse-15'
+      "openSUSE Leap #{build_platform_release}"
+    when 'oraclelinux-8', 'oraclelinux-7'
+      "Oracle Linux Server #{build_platform_release}"
+    when 'gentoo-2-sysd', 'gentoo-2-sysv'
+      'Gentoo/Linux'
+    when 'rockylinux-8'
+      "Rocky Linux #{build_platform_release} (Green Obsidian)"
+    else
+      ''
+    end
+  end
+  # rubocop:enable Metrics/MethodLength,Metrics/CyclomaticComplexity
 end
+# rubocop:enable Metrics/ClassLength
--- a/test/salt/pillar/default.sls
+++ b/test/salt/pillar/default.sls
@ -22,7 +22,16 @@ sshd_config:
  PrintMotd: 'no'
  AcceptEnv: "LANG LC_*"
  Subsystem: "sftp /usr/lib/openssh/sftp-server"
+  {%- if grains.os != "OpenBSD" %}
  UsePAM: 'yes'
+  {%- endif %}
+  {#- Need this on various platforms to avoid the `kitchen verify` failure as mentioned above; see: #}
+  {#- * https://gitlab.com/saltstack-formulas/infrastructure/salt-image-builder/-/commit/cb6781a2bba9 #}
+  {%- if grains.os in ["Arch", "OpenBSD", "Gentoo"]
+      or grains.get("oscodename", "") in ["openSUSE Tumbleweed"]
+      or grains.get("osfinger", "") in ["Fedora Linux-36", "Ubuntu-22.04"] %}
+  PubkeyAcceptedAlgorithms: "+ssh-rsa"
+  {%- endif %}

 ssh_config:
  Hosts: