diff --git a/.editorconfig b/.editorconfig index d77700e..ecb10a8 100644 --- a/.editorconfig +++ b/.editorconfig @@ -1,14 +1,15 @@ # editorconfig.org -# MANAGED BY MODULESYNC +# Managed by modulesync - DO NOT EDIT +# https://voxpupuli.org/docs/updating-files-managed-with-modulesync/ root = true [*] charset = utf-8 end_of_line = lf indent_size = 2 tab_width = 2 indent_style = space insert_final_newline = true trim_trailing_whitespace = true diff --git a/.github/CONTRIBUTING.md b/.github/CONTRIBUTING.md index f1f88cc..048d2b5 100644 --- a/.github/CONTRIBUTING.md +++ b/.github/CONTRIBUTING.md @@ -1,282 +1,252 @@ # Contribution guidelines ## Table of contents * [Contributing](#contributing) * [Writing proper commits - short version](#writing-proper-commits-short-version) * [Writing proper commits - long version](#writing-proper-commits-long-version) * [Dependencies](#dependencies) * [Note for OS X users](#note-for-os-x-users) * [The test matrix](#the-test-matrix) * [Syntax and style](#syntax-and-style) * [Running the unit tests](#running-the-unit-tests) * [Unit tests in docker](#unit-tests-in-docker) * [Integration tests](#integration-tests) This module has grown over time based on a range of contributions from people using it. If you follow these contributing guidelines your patch will likely make it into a release a little more quickly. ## Contributing Please note that this project is released with a Contributor Code of Conduct. By participating in this project you agree to abide by its terms. [Contributor Code of Conduct](https://voxpupuli.org/coc/). * Fork the repo. * Create a separate branch for your change. -* We only take pull requests with passing tests, and documentation. [travis-ci](http://travis-ci.org) runs the tests for us. You can also execute them locally. This is explained [in a later section](#the-test-matrix). +* We only take pull requests with passing tests, and documentation. [GitHub Actions](https://docs.github.com/en/actions) run the tests for us. You can also execute them locally. This is explained [in a later section](#the-test-matrix). * Checkout [our docs](https://voxpupuli.org/docs/reviewing_pr/) we use to review a module and the [official styleguide](https://puppet.com/docs/puppet/6.0/style_guide.html). They provide some guidance for new code that might help you before you submit a pull request. * Add a test for your change. Only refactoring and documentation changes require no new tests. If you are adding functionality or fixing a bug, please add a test. * Squash your commits down into logical components. Make sure to rebase against our current master. * Push the branch to your fork and submit a pull request. Please be prepared to repeat some of these steps as our contributors review your code. Also consider sending in your profile code that calls this component module as an acceptance test or provide it via an issue. This helps reviewers a lot to test your use case and prevents future regressions! ## Writing proper commits - short version * Make commits of logical units. * Check for unnecessary whitespace with "git diff --check" before committing. * Commit using Unix line endings (check the settings around "crlf" in git-config(1)). * Do not check in commented out code or unneeded files. * The first line of the commit message should be a short description (50 characters is the soft limit, excluding ticket number(s)), and should skip the full stop. * Associate the issue in the message. The first line should include the issue number in the form "(#XXXX) Rest of message". * The body should provide a meaningful commit message, which: *uses the imperative, present tense: `change`, not `changed` or `changes`. * includes motivation for the change, and contrasts its implementation with the previous behavior. * Make sure that you have tests for the bug you are fixing, or feature you are adding. * Make sure the test suites passes after your commit: * When introducing a new feature, make sure it is properly documented in the README.md ## Writing proper commits - long version 1. Make separate commits for logically separate changes. Please break your commits down into logically consistent units which include new or changed tests relevant to the rest of the change. The goal of doing this is to make the diff easier to read for whoever is reviewing your code. In general, the easier your diff is to read, the more likely someone will be happy to review it and get it into the code base. If you are going to refactor a piece of code, please do so as a separate commit from your feature or bug fix changes. We also really appreciate changes that include tests to make sure the bug is not re-introduced, and that the feature is not accidentally broken. Describe the technical detail of the change(s). If your description starts to get too long, that is a good sign that you probably need to split up your commit into more finely grained pieces. Commits which plainly describe the things which help reviewers check the patch and future developers understand the code are much more likely to be merged in with a minimum of bike-shedding or requested changes. Ideally, the commit message would include information, and be in a form suitable for inclusion in the release notes for the version of Puppet that includes them. Please also check that you are not introducing any trailing whitespace or other "whitespace errors". You can do this by running "git diff --check" on your changes before you commit. 2. Sending your patches To submit your changes via a GitHub pull request, we _highly_ recommend that you have them on a topic branch, instead of directly on `master`. It makes things much easier to keep track of, especially if you decide to work on another thing before your first change is merged in. GitHub has some pretty good [general documentation](http://help.github.com/) on using their site. They also have documentation on [creating pull requests](http://help.github.com/send-pull-requests/). In general, after pushing your topic branch up to your repository on GitHub, you can switch to the branch in the GitHub UI and click "Pull Request" towards the top of the page in order to open a pull request. 3. Update the related GitHub issue. If there is a GitHub issue associated with the change you submitted, then you should update the ticket to include the location of your branch, along with any other commentary you may wish to make. ## Dependencies The testing and development tools have a bunch of dependencies, all managed by [bundler](http://bundler.io/) according to the [Puppet support matrix](http://docs.puppetlabs.com/guides/platforms.html#ruby-versions). By default the tests use a baseline version of Puppet. If you have Ruby 2.x or want a specific version of Puppet, you must set an environment variable such as: ```sh export PUPPET_VERSION="~> 5.5.6" ``` You can install all needed gems for spec tests into the modules directory by running: ```sh bundle install --path .vendor/ --without development system_tests release --jobs "$(nproc)" ``` If you also want to run acceptance tests: ```sh bundle install --path .vendor/ --with system_tests --without development release --jobs "$(nproc)" ``` Our all in one solution if you don't know if you need to install or update gems: ```sh bundle install --path .vendor/ --with system_tests --without development release --jobs "$(nproc)"; bundle update; bundle clean ``` As an alternative to the `--jobs "$(nproc)` parameter, you can set an environment variable: ```sh BUNDLE_JOBS="$(nproc)" ``` ### Note for OS X users `nproc` isn't a valid command under OS x. As an alternative, you can do: ```sh --jobs "$(sysctl -n hw.ncpu)" ``` ## The test matrix ### Syntax and style The test suite will run [Puppet Lint](http://puppet-lint.com/) and [Puppet Syntax](https://github.com/gds-operations/puppet-syntax) to check various syntax and style things. You can run these locally with: ```sh bundle exec rake lint bundle exec rake validate ``` It will also run some [Rubocop](http://batsov.com/rubocop/) tests against it. You can run those locally ahead of time with: ```sh bundle exec rake rubocop ``` ### Running the unit tests The unit test suite covers most of the code, as mentioned above please add tests if you're adding new functionality. If you've not used [rspec-puppet](http://rspec-puppet.com/) before then feel free to ask about how best to test your new feature. To run the linter, the syntax checker and the unit tests: ```sh bundle exec rake test ``` To run your all the unit tests ```sh bundle exec rake spec ``` To run a specific spec test set the `SPEC` variable: ```sh bundle exec rake spec SPEC=spec/foo_spec.rb ``` #### Unit tests in docker Some people don't want to run the dependencies locally or don't want to install ruby. We ship a Dockerfile that enables you to run all unit tests and linting. You only need to run: ```sh docker build . ``` Please ensure that a docker daemon is running and that your user has the permission to talk to it. You can specify a remote docker host by setting the `DOCKER_HOST` environment variable. it will copy the content of the module into the docker image. So it will not work if a Gemfile.lock exists. ### Integration tests The unit tests just check the code runs, not that it does exactly what we want on a real machine. For that we're using [beaker](https://github.com/puppetlabs/beaker). This fires up a new virtual machine (using vagrant) and runs a series of simple tests against it after applying the module. You can run this with: ```sh -bundle exec rake beaker -``` - -This will run the tests on the module's default nodeset. You can override the -nodeset used, e.g., - -```sh -BEAKER_set=centos-7-x64 bundle exec rake beaker -``` - -There are default rake tasks for the various acceptance test modules, e.g., - -```sh -bundle exec rake beaker:centos-7-x64 -bundle exec rake beaker:ssh:centos-7-x64 -``` - -If you don't want to have to recreate the virtual machine every time you can -use `BEAKER_destroy=no` and `BEAKER_provision=no`. On the first run you will at -least need `BEAKER_provision` set to yes (the default). The Vagrantfile for the -created virtual machines will be in `.vagrant/beaker_vagrant_files`. - -Beaker also supports docker containers. We also use that in our automated CI -pipeline at [travis-ci](http://travis-ci.org). To use that instead of Vagrant: - -```sh -PUPPET_INSTALL_TYPE=agent BEAKER_IS_PE=no BEAKER_PUPPET_COLLECTION=puppet6 BEAKER_debug=true BEAKER_setfile=debian10-64{hypervisor=docker} BEAKER_destroy=yes bundle exec rake beaker +BEAKER_setfile=debian10-x64 bundle exec rake beaker ``` You can replace the string `debian10` with any common operating system. The following strings are known to work: * ubuntu1604 * ubuntu1804 * ubuntu2004 * debian9 * debian10 * centos7 * centos8 -The easiest way to debug in a docker container is to open a shell: - -```sh -docker exec -it -u root ${container_id_or_name} bash -``` +For more information and tips & tricks, see [voxpupuli-acceptance's documentation](https://github.com/voxpupuli/voxpupuli-acceptance#running-tests). The source of this file is in our [modulesync_config](https://github.com/voxpupuli/modulesync_config/blob/master/moduleroot/.github/CONTRIBUTING.md.erb) repository. diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index b4f47e8..d08d05e 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -1,75 +1,90 @@ +--- +# Managed by modulesync - DO NOT EDIT +# https://voxpupuli.org/docs/updating-files-managed-with-modulesync/ + name: CI on: pull_request +concurrency: + group: ${{ github.head_ref }} + cancel-in-progress: true + jobs: setup_matrix: name: 'Setup Test Matrix' runs-on: ubuntu-latest + timeout-minutes: 40 outputs: - beaker_setfiles: ${{ steps.get-outputs.outputs.beaker_setfiles }} - puppet_major_versions: ${{ steps.get-outputs.outputs.puppet_major_versions }} puppet_unit_test_matrix: ${{ steps.get-outputs.outputs.puppet_unit_test_matrix }} + github_action_test_matrix: ${{ steps.get-outputs.outputs.github_action_test_matrix }} env: - BUNDLE_WITHOUT: development:test:release + BUNDLE_WITHOUT: development:system_tests:release steps: - uses: actions/checkout@v2 - name: Setup ruby uses: ruby/setup-ruby@v1 with: - ruby-version: '2.7' + ruby-version: '3.0' bundler-cache: true - - name: Run rake validate - run: bundle exec rake validate + - name: Run static validations + run: bundle exec rake validate lint check + - name: Run rake rubocop + run: bundle exec rake rubocop - name: Setup Test Matrix id: get-outputs run: bundle exec metadata2gha --use-fqdn --pidfile-workaround false unit: needs: setup_matrix runs-on: ubuntu-latest + timeout-minutes: 40 strategy: fail-fast: false matrix: include: ${{fromJson(needs.setup_matrix.outputs.puppet_unit_test_matrix)}} env: BUNDLE_WITHOUT: development:system_tests:release PUPPET_VERSION: "~> ${{ matrix.puppet }}.0" name: Puppet ${{ matrix.puppet }} (Ruby ${{ matrix.ruby }}) steps: - uses: actions/checkout@v2 - name: Setup ruby uses: ruby/setup-ruby@v1 with: ruby-version: ${{ matrix.ruby }} bundler-cache: true - name: Run tests - run: bundle exec rake + run: bundle exec rake parallel_spec acceptance: needs: setup_matrix runs-on: ubuntu-latest env: BUNDLE_WITHOUT: development:test:release strategy: fail-fast: false matrix: - setfile: ${{fromJson(needs.setup_matrix.outputs.beaker_setfiles)}} - puppet: ${{fromJson(needs.setup_matrix.outputs.puppet_major_versions)}} + include: ${{fromJson(needs.setup_matrix.outputs.github_action_test_matrix)}} name: ${{ matrix.puppet.name }} - ${{ matrix.setfile.name }} steps: - - name: Enable IPv6 on docker - run: | - echo '{"ipv6":true,"fixed-cidr-v6":"2001:db8:1::/64"}' | sudo tee /etc/docker/daemon.json - sudo service docker restart - uses: actions/checkout@v2 - name: Setup ruby uses: ruby/setup-ruby@v1 with: - ruby-version: '2.7' + ruby-version: '3.0' bundler-cache: true - name: Run tests run: bundle exec rake beaker env: BEAKER_PUPPET_COLLECTION: ${{ matrix.puppet.collection }} BEAKER_setfile: ${{ matrix.setfile.value }} + + tests: + needs: + - unit + - acceptance + runs-on: ubuntu-latest + name: Test suite + steps: + - run: echo Test suite completed diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 68b8528..664ba69 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -1,29 +1,34 @@ +--- +# Managed by modulesync - DO NOT EDIT +# https://voxpupuli.org/docs/updating-files-managed-with-modulesync/ + name: Release on: push: tags: - '*' env: BUNDLE_WITHOUT: development:test:system_tests jobs: deploy: name: 'deploy to forge' runs-on: ubuntu-latest + if: github.repository_owner == 'voxpupuli' steps: - name: Checkout repository uses: actions/checkout@v2 - name: Setup Ruby uses: ruby/setup-ruby@v1 with: ruby-version: '2.7' bundler-cache: true - name: Build and Deploy env: # Configure secrets here: # https://docs.github.com/en/free-pro-team@latest/actions/reference/encrypted-secrets BLACKSMITH_FORGE_USERNAME: '${{ secrets.PUPPET_FORGE_USERNAME }}' BLACKSMITH_FORGE_API_KEY: '${{ secrets.PUPPET_FORGE_API_KEY }}' run: bundle exec rake module:push diff --git a/.gitignore b/.gitignore index e9b3cf4..9b95224 100644 --- a/.gitignore +++ b/.gitignore @@ -1,20 +1,23 @@ +# Managed by modulesync - DO NOT EDIT +# https://voxpupuli.org/docs/updating-files-managed-with-modulesync/ + pkg/ Gemfile.lock Gemfile.local vendor/ .vendor/ spec/fixtures/manifests/ spec/fixtures/modules/ .vagrant/ .bundle/ .ruby-version coverage/ log/ .idea/ .dependencies/ .librarian/ Puppetfile.lock *.iml .*.sw? .yardoc/ Guardfile diff --git a/.msync.yml b/.msync.yml index a0770a8..43966c2 100644 --- a/.msync.yml +++ b/.msync.yml @@ -1,2 +1,5 @@ --- -modulesync_config_version: '4.0.0' +# Managed by modulesync - DO NOT EDIT +# https://voxpupuli.org/docs/updating-files-managed-with-modulesync/ + +modulesync_config_version: '4.2.0' diff --git a/.overcommit.yml b/.overcommit.yml index 0af0fdc..d367ada 100644 --- a/.overcommit.yml +++ b/.overcommit.yml @@ -1,64 +1,65 @@ -# Managed by https://github.com/voxpupuli/modulesync_configs +# Managed by modulesync - DO NOT EDIT +# https://voxpupuli.org/docs/updating-files-managed-with-modulesync/ # # Hooks are only enabled if you take action. # # To enable the hooks run: # # ``` # bundle exec overcommit --install # # ensure .overcommit.yml does not harm to you and then # bundle exec overcommit --sign # ``` # # (it will manage the .git/hooks directory): # # Examples howto skip a test for a commit or push: # # ``` # SKIP=RuboCop git commit # SKIP=PuppetLint git commit # SKIP=RakeTask git push # ``` # # Don't invoke overcommit at all: # # ``` # OVERCOMMIT_DISABLE=1 git commit # ``` # # Read more about overcommit: https://github.com/brigade/overcommit # # To manage this config yourself in your module add # # ``` # .overcommit.yml: # unmanaged: true # ``` # # to your modules .sync.yml config --- PreCommit: RuboCop: enabled: true description: 'Runs rubocop on modified files only' command: ['bundle', 'exec', 'rubocop'] PuppetLint: enabled: true description: 'Runs puppet-lint on modified files only' command: ['bundle', 'exec', 'puppet-lint'] YamlSyntax: enabled: true JsonSyntax: enabled: true TrailingWhitespace: enabled: true PrePush: RakeTarget: enabled: true description: 'Run rake targets' targets: - 'validate' - 'test' - 'rubocop' command: ['bundle', 'exec', 'rake'] diff --git a/.pmtignore b/.pmtignore index 33a8c65..65f5051 100644 --- a/.pmtignore +++ b/.pmtignore @@ -1,34 +1,37 @@ +# Managed by modulesync - DO NOT EDIT +# https://voxpupuli.org/docs/updating-files-managed-with-modulesync/ + docs/ pkg/ Gemfile Gemfile.lock Gemfile.local vendor/ .vendor/ spec/ Rakefile .vagrant/ .bundle/ .ruby-version coverage/ log/ .idea/ .dependencies/ .github/ .librarian/ Puppetfile.lock *.iml .editorconfig .fixtures.yml .gitignore .msync.yml .overcommit.yml .pmtignore .rspec .rspec_parallel .rubocop.yml .sync.yml .*.sw? .yardoc/ .yardopts Dockerfile diff --git a/.rspec b/.rspec index 8c18f1a..f634583 100644 --- a/.rspec +++ b/.rspec @@ -1,2 +1,5 @@ +# Managed by modulesync - DO NOT EDIT +# https://voxpupuli.org/docs/updating-files-managed-with-modulesync/ + --format documentation --color diff --git a/.rspec_parallel b/.rspec_parallel index e4d136b..a9a84f8 100644 --- a/.rspec_parallel +++ b/.rspec_parallel @@ -1 +1,4 @@ +# Managed by modulesync - DO NOT EDIT +# https://voxpupuli.org/docs/updating-files-managed-with-modulesync/ + --format progress diff --git a/.rubocop.yml b/.rubocop.yml index 198a359..53ac189 100644 --- a/.rubocop.yml +++ b/.rubocop.yml @@ -1,3 +1,6 @@ --- +# Managed by modulesync - DO NOT EDIT +# https://voxpupuli.org/docs/updating-files-managed-with-modulesync/ + inherit_gem: voxpupuli-test: rubocop.yml diff --git a/.yardopts b/.yardopts deleted file mode 100644 index 3687f51..0000000 --- a/.yardopts +++ /dev/null @@ -1,2 +0,0 @@ ---markup markdown ---output-dir docs/ diff --git a/Dockerfile b/Dockerfile index 6fd6342..e3cf307 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,21 +1,24 @@ -FROM ruby:2.5.3 +# MANAGED BY MODULESYNC +# https://voxpupuli.org/docs/updating-files-managed-with-modulesync/ + +FROM ruby:2.7 WORKDIR /opt/puppet # https://github.com/puppetlabs/puppet/blob/06ad255754a38f22fb3a22c7c4f1e2ce453d01cb/lib/puppet/provider/service/runit.rb#L39 RUN mkdir -p /etc/sv ARG PUPPET_VERSION="~> 6.0" ARG PARALLEL_TEST_PROCESSORS=4 # Cache gems COPY Gemfile . RUN bundle install --without system_tests development release --path=${BUNDLE_PATH:-vendor/bundle} COPY . . RUN bundle install RUN bundle exec rake release_checks # Container should not saved RUN exit 1 diff --git a/Gemfile b/Gemfile index 0e0c9c1..a39114c 100644 --- a/Gemfile +++ b/Gemfile @@ -1,33 +1,34 @@ +# Managed by modulesync - DO NOT EDIT +# https://voxpupuli.org/docs/updating-files-managed-with-modulesync/ + source ENV['GEM_SOURCE'] || "https://rubygems.org" group :test do - gem 'voxpupuli-test', '~> 2.2', :require => false - gem 'coveralls', :require => false - gem 'simplecov-console', :require => false + gem 'voxpupuli-test', '~> 2.5', :require => false + gem 'coveralls', :require => false + gem 'simplecov-console', :require => false + gem 'puppet_metadata', '~> 1.0', :require => false end group :development do gem 'guard-rake', :require => false gem 'overcommit', '>= 0.39.1', :require => false end group :system_tests do - gem 'puppet_metadata', '~> 0.3.0', :require => false - gem 'voxpupuli-acceptance', :require => false + gem 'voxpupuli-acceptance', '~> 1.0', :require => false end group :release do - gem 'github_changelog_generator', :require => false, :git => 'https://github.com/voxpupuli/github-changelog-generator', :branch => 'voxpupuli_essential_fixes' - gem 'puppet-blacksmith', :require => false - gem 'voxpupuli-release', :require => false - gem 'puppet-strings', '>= 2.2', :require => false + gem 'github_changelog_generator', '>= 1.16.1', :require => false if RUBY_VERSION >= '2.5' + gem 'voxpupuli-release', '>= 1.0.2', :require => false + gem 'puppet-strings', '>= 2.2', :require => false end -gem 'puppetlabs_spec_helper', '~> 2.0', :require => false gem 'rake', :require => false gem 'facter', ENV['FACTER_GEM_VERSION'], :require => false, :groups => [:test] -puppetversion = ENV['PUPPET_VERSION'] || '~> 6.0' +puppetversion = ENV['PUPPET_VERSION'] || '>= 6.0' gem 'puppet', puppetversion, :require => false, :groups => [:test] # vim: syntax=ruby diff --git a/Rakefile b/Rakefile index d1bf749..80b799d 100644 --- a/Rakefile +++ b/Rakefile @@ -1,61 +1,72 @@ +# Managed by modulesync - DO NOT EDIT +# https://voxpupuli.org/docs/updating-files-managed-with-modulesync/ + # Attempt to load voxupuli-test (which pulls in puppetlabs_spec_helper), # otherwise attempt to load it directly. begin require 'voxpupuli/test/rake' rescue LoadError - require 'puppetlabs_spec_helper/rake_tasks' + begin + require 'puppetlabs_spec_helper/rake_tasks' + rescue LoadError + end +end + +# load optional tasks for acceptance +# only available if gem group releases is installed +begin + require 'voxpupuli/acceptance/rake' +rescue LoadError end # load optional tasks for releases # only available if gem group releases is installed begin require 'voxpupuli/release/rake_tasks' rescue LoadError end desc "Run main 'test' task and report merged results to coveralls" task test_with_coveralls: [:test] do if Dir.exist?(File.expand_path('../lib', __FILE__)) require 'coveralls/rake/task' Coveralls::RakeTask.new Rake::Task['coveralls:push'].invoke else puts 'Skipping reporting to coveralls. Module has no lib dir' end end desc 'Generate REFERENCE.md' task :reference, [:debug, :backtrace] do |t, args| patterns = '' Rake::Task['strings:generate:reference'].invoke(patterns, args[:debug], args[:backtrace]) end begin require 'github_changelog_generator/task' require 'puppet_blacksmith' GitHubChangelogGenerator::RakeTask.new :changelog do |config| - version = (Blacksmith::Modulefile.new).version - config.future_release = "v#{version}" if version =~ /^\d+\.\d+.\d+$/ + metadata = Blacksmith::Modulefile.new + config.future_release = "v#{metadata.version}" if metadata.version =~ /^\d+\.\d+.\d+$/ config.header = "# Changelog\n\nAll notable changes to this project will be documented in this file.\nEach new release typically also includes the latest modulesync defaults.\nThese should not affect the functionality of the module." config.exclude_labels = %w{duplicate question invalid wontfix wont-fix modulesync skip-changelog} config.user = 'voxpupuli' - metadata_json = File.join(File.dirname(__FILE__), 'metadata.json') - metadata = JSON.load(File.read(metadata_json)) - config.project = metadata['name'] + config.project = metadata.metadata['name'] end # Workaround for https://github.com/github-changelog-generator/github-changelog-generator/issues/715 require 'rbconfig' if RbConfig::CONFIG['host_os'] =~ /linux/ task :changelog do puts 'Fixing line endings...' changelog_file = File.join(__dir__, 'CHANGELOG.md') changelog_txt = File.read(changelog_file) new_contents = changelog_txt.gsub(%r{\r\n}, "\n") File.open(changelog_file, "w") {|file| file.puts new_contents } end end rescue LoadError end # vim: syntax=ruby diff --git a/lib/facter/rabbitmq_clustername.rb b/lib/facter/rabbitmq_clustername.rb index 7a178df..3f2de66 100644 --- a/lib/facter/rabbitmq_clustername.rb +++ b/lib/facter/rabbitmq_clustername.rb @@ -1,15 +1,15 @@ Facter.add(:rabbitmq_clustername) do setcode do if Facter::Util::Resolution.which('rabbitmqctl') ret = nil cluster_status = Facter::Core::Execution.execute('rabbitmqctl -q cluster_status 2>&1') - [%r!{cluster_name,<<"(\S+)">>}!, %r!^Cluster name: (\S+)$!].each do |r| + [%r!{cluster_name,<<"(\S+)">>}!, %r{^Cluster name: (\S+)$}].each do |r| if (data = r.match(cluster_status)) ret = data[1] break end end end ret end end diff --git a/lib/puppet/provider/rabbitmq_cluster/rabbitmqctl.rb b/lib/puppet/provider/rabbitmq_cluster/rabbitmqctl.rb index f65326d..3f09f12 100644 --- a/lib/puppet/provider/rabbitmq_cluster/rabbitmqctl.rb +++ b/lib/puppet/provider/rabbitmq_cluster/rabbitmqctl.rb @@ -1,40 +1,40 @@ require File.expand_path(File.join(File.dirname(__FILE__), '..', 'rabbitmq_cli')) Puppet::Type.type(:rabbitmq_cluster).provide( :rabbitmqctl, parent: Puppet::Provider::RabbitmqCli ) do confine feature: :posix def exists? cluster_name == @resource[:name].to_s end def create storage_type = @resource[:node_disc_type].to_s init_node = @resource[:init_node].to_s.gsub(%r{^.*@}, '') if [Facter.value(:hostname), Facter.value(:fqdn)].include? init_node return rabbitmqctl('set_cluster_name', @resource[:name]) unless cluster_name == resource[:name].to_s else rabbitmqctl('stop_app') rabbitmqctl('join_cluster', "rabbit@#{init_node}", "--#{storage_type}") rabbitmqctl('start_app') end end def destroy rabbitmqctl('stop_app') rabbitmqctl('reset') rabbitmqctl('start_app') end def cluster_name cluster_status = rabbitmqctl('-q', 'cluster_status') - [%r!{cluster_name,<<"(\S+)">>}!, %r!^Cluster name: (\S+)$!].each do |r| + [%r!{cluster_name,<<"(\S+)">>}!, %r{^Cluster name: (\S+)$}].each do |r| if (data = r.match(cluster_status)) return data[1] end end end end diff --git a/spec/classes/rabbitmq_spec.rb b/spec/classes/rabbitmq_spec.rb index 6680587..074b383 100644 --- a/spec/classes/rabbitmq_spec.rb +++ b/spec/classes/rabbitmq_spec.rb @@ -1,1777 +1,1775 @@ require 'spec_helper' describe 'rabbitmq' do on_supported_os.each do |os, facts| context "on #{os}" do let :facts do facts end name = case facts[:osfamily] when 'Archlinux', 'OpenBSD', 'FreeBSD' 'rabbitmq' else 'rabbitmq-server' end it { is_expected.to compile.with_all_deps } it { is_expected.to contain_class('rabbitmq::install') } it { is_expected.to contain_class('rabbitmq::config').that_notifies('Class[rabbitmq::service]') } it { is_expected.to contain_class('rabbitmq::service') } it { is_expected.to contain_package(name).with_ensure('installed').with_name(name) } if facts[:os]['family'] == 'Suse' it { is_expected.to contain_package('rabbitmq-server-plugins') } end context 'with default params' do it { is_expected.not_to contain_class('rabbitmq::repo::apt') } it { is_expected.not_to contain_apt__source('rabbitmq') } it { is_expected.not_to contain_class('rabbitmq::repo::rhel') } it { is_expected.not_to contain_yumrepo('rabbitmq') } end context 'with service_restart => false' do let(:params) { { service_restart: false } } it { is_expected.not_to contain_class('rabbitmq::config').that_notifies('Class[rabbitmq::service]') } end context 'with repos_ensure => true' do let(:params) { { repos_ensure: true } } if facts[:os]['family'] == 'Debian' it 'includes rabbitmq::repo::apt' do is_expected.to contain_class('rabbitmq::repo::apt'). with_key_source('https://packagecloud.io/rabbitmq/rabbitmq-server/gpgkey'). with_key_content(nil) end it 'adds a repo with default values' do is_expected.to contain_apt__source('rabbitmq'). with_ensure('present'). with_location("https://packagecloud.io/rabbitmq/rabbitmq-server/#{facts[:os]['name'].downcase}"). with_release(nil). with_repos('main') end else it { is_expected.not_to contain_class('rabbitmq::repo::apt') } it { is_expected.not_to contain_apt__souce('rabbitmq') } end if facts[:os]['family'] == 'RedHat' it { is_expected.to contain_class('rabbitmq::repo::rhel') } it 'the repo should be present, and contain the expected values' do is_expected.to contain_yumrepo('rabbitmq'). with_ensure('present'). with_baseurl(%r{https://packagecloud.io/rabbitmq/rabbitmq-server/el/\d+/\$basearch$}). with_gpgkey('https://www.rabbitmq.com/rabbitmq-release-signing-key.asc') end else it { is_expected.not_to contain_class('rabbitmq::repo::rhel') } it { is_expected.not_to contain_yumrepo('rabbitmq') } end end context 'with no pin', if: facts[:os]['family'] == 'Debian' do let(:params) { { repos_ensure: true, package_apt_pin: '' } } if Puppet.version =~ %r{^[6,7]} # https://tickets.puppetlabs.com/browse/PUP-9112 and https://tickets.puppetlabs.com/browse/PUP-9180 let(:expected_key_apt_source_key_content) { 'nil' } else let(:expected_key_apt_source_key_content) { ':undef' } end describe 'it sets up an apt::source' do it { is_expected.to contain_apt__source('rabbitmq').with( 'location' => "https://packagecloud.io/rabbitmq/rabbitmq-server/#{facts[:os]['name'].downcase}", 'repos' => 'main', 'key' => "{\"id\"=>\"8C695B0219AFDEB04A058ED8F4E789204D206F89\", \"source\"=>\"https://packagecloud.io/rabbitmq/rabbitmq-server/gpgkey\", \"content\"=>#{expected_key_apt_source_key_content}}" ) } end end context 'with pin', if: facts[:os]['family'] == 'Debian' do let(:params) { { repos_ensure: true, package_apt_pin: '700' } } if Puppet.version =~ %r{^[6,7]} # https://tickets.puppetlabs.com/browse/PUP-9112 and https://tickets.puppetlabs.com/browse/PUP-9180 let(:expected_key_apt_source_key_content) { 'nil' } else let(:expected_key_apt_source_key_content) { ':undef' } end describe 'it sets up an apt::source and pin' do it { is_expected.to contain_apt__source('rabbitmq').with( 'location' => "https://packagecloud.io/rabbitmq/rabbitmq-server/#{facts[:os]['name'].downcase}", 'repos' => 'main', 'key' => "{\"id\"=>\"8C695B0219AFDEB04A058ED8F4E789204D206F89\", \"source\"=>\"https://packagecloud.io/rabbitmq/rabbitmq-server/gpgkey\", \"content\"=>#{expected_key_apt_source_key_content}}" ) } it { is_expected.to contain_apt__pin('rabbitmq').with( 'packages' => '*', 'priority' => '700', 'origin' => 'packagecloud.io' ) } end end ['infinity', -1, 1234].each do |value| context "with file_limit => '#{value}'" do let(:params) { { file_limit: value } } if facts[:os]['family'] == 'RedHat' it do is_expected.to contain_file('/etc/security/limits.d/rabbitmq-server.conf'). with_owner('0'). with_group('0'). with_mode('0644'). that_notifies('Class[Rabbitmq::Service]'). with_content("rabbitmq soft nofile #{value}\nrabbitmq hard nofile #{value}\n") end else it { is_expected.not_to contain_file('/etc/security/limits.d/rabbitmq-server.conf') } end if facts[:os]['family'] == 'Debian' it { is_expected.to contain_file('/etc/default/rabbitmq-server').with_content(%r{ulimit -n #{value}}) } else it { is_expected.not_to contain_file('/etc/default/rabbitmq-server') } end if facts[:systemd] selinux_ignore_defaults = facts[:os]['family'] == 'RedHat' it do is_expected.to contain_systemd__service_limits("#{name}.service"). with_selinux_ignore_defaults(selinux_ignore_defaults). with_limits('LimitNOFILE' => value). with_restart_service(false) end else it { is_expected.not_to contain_systemd__service_limits("#{name}.service") } end end end [-42, '-42', 'foo'].each do |value| context "with file_limit => '#{value}'" do let(:params) { { file_limit: value } } it 'does not compile' do expect { catalogue }.to raise_error(Puppet::PreformattedError, %r{Error while evaluating a Resource Statement}) end end end [-1000, 0, 1000].each do |value| context "with oom_score_adj => '#{value}'" do let(:params) { { oom_score_adj: value } } if facts[:os]['family'] == 'Debian' - it { is_expected.to contain_file('/etc/default/rabbitmq-server').with_content(/^echo #{value} > \/proc\/\$\$\/oom_score_adj$/) } + it { is_expected.to contain_file('/etc/default/rabbitmq-server').with_content(%r{^echo #{value} > /proc/\$\$/oom_score_adj$}) } else it { is_expected.not_to contain_file('/etc/default/rabbitmq-server') } end if facts[:systemd] - selinux_ignore_defaults = facts[:os]['family'] == 'RedHat' - it do is_expected.to contain_systemd__service_limits("#{name}.service"). with_limits('OOMScoreAdjust' => value). with_restart_service(false) end else it { is_expected.not_to contain_systemd__service_limits("#{name}.service") } end end end [-2000, 2000, '500', 'foo'].each do |value| context "with oom_score_adj => '#{value}'" do let(:params) { { oom_score_adj: value } } it 'does not compile' do expect { catalogue }.to raise_error(Puppet::PreformattedError, %r{Error while evaluating a Resource Statement}) end end end context 'on systems with systemd', if: facts[:systemd] do it do is_expected.to contain_systemd__service_limits("#{name}.service"). with_restart_service(false) end end context 'on systems without systemd', unless: facts[:systemd] do it { is_expected.not_to contain_systemd__service_limits("#{name}.service") } end context 'with admin_enable set to true' do let(:params) { { admin_enable: true, management_ip_address: '1.1.1.1' } } context 'with service_manage set to true' do let(:params) { { admin_enable: true, management_ip_address: '1.1.1.1', service_manage: true } } context 'with rabbitmqadmin_package set to blub' do let(:params) { { rabbitmqadmin_package: 'blub' } } it 'installs a package called blub' do is_expected.to contain_package('rabbitmqadmin').with_name('blub') end end if facts[:os]['family'] == 'Archlinux' it 'installs a package called rabbitmqadmin' do is_expected.to contain_package('rabbitmqadmin').with_name('rabbitmqadmin') end else it 'we enable the admin interface by default' do is_expected.to contain_class('rabbitmq::install::rabbitmqadmin') is_expected.to contain_rabbitmq_plugin('rabbitmq_management').with( notify: 'Class[Rabbitmq::Service]' ) is_expected.to contain_archive('rabbitmqadmin').with_source('http://1.1.1.1:15672/cli/rabbitmqadmin') end end if %w[RedHat Debian SUSE].include?(facts[:os]['family']) it { is_expected.to contain_package('python') } end if %w[FreeBSD OpenBSD].include?(facts[:os]['family']) it { is_expected.to contain_package('python2') } end end context 'with manage_python false' do let(:params) { { manage_python: false } } it do is_expected.to contain_class('rabbitmq::install::rabbitmqadmin') is_expected.not_to contain_package('python') is_expected.not_to contain_package('python2') end end context 'with $management_ip_address undef and service_manage set to true', unless: facts[:osfamily] == 'Archlinux' do let(:params) { { admin_enable: true, management_ip_address: :undef } } it 'we enable the admin interface by default' do is_expected.to contain_class('rabbitmq::install::rabbitmqadmin') is_expected.to contain_rabbitmq_plugin('rabbitmq_management').with( notify: 'Class[Rabbitmq::Service]' ) is_expected.to contain_archive('rabbitmqadmin').with_source('http://127.0.0.1:15672/cli/rabbitmqadmin') end end context 'with service_manage set to true, node_ip_address = undef, and default user/pass specified', unless: facts[:osfamily] == 'Archlinux' do let(:params) { { admin_enable: true, default_user: 'foobar', default_pass: 'hunter2', node_ip_address: :undef } } it 'we use the correct URL to rabbitmqadmin' do is_expected.to contain_archive('rabbitmqadmin').with( source: 'http://127.0.0.1:15672/cli/rabbitmqadmin', username: 'foobar', password: 'hunter2' ) end end context 'with service_manage set to true and default user/pass specified', unless: facts[:osfamily] == 'Archlinux' do let(:params) { { admin_enable: true, default_user: 'foobar', default_pass: 'hunter2', management_ip_address: '1.1.1.1' } } it 'we use the correct URL to rabbitmqadmin' do is_expected.to contain_archive('rabbitmqadmin').with( source: 'http://1.1.1.1:15672/cli/rabbitmqadmin', username: 'foobar', password: 'hunter2' ) end end context 'with service_manage set to true and archive_options set', unless: facts[:osfamily] == 'Archlinux' do let(:params) do { admin_enable: true, management_ip_address: '1.1.1.1', archive_options: %w[fizz pop] } end it 'we use the correct archive_options to rabbitmqadmin' do is_expected.to contain_archive('rabbitmqadmin').with( source: 'http://1.1.1.1:15672/cli/rabbitmqadmin', download_options: %w[fizz pop] ) end end context 'with service_manage set to true and management port specified', unless: facts[:osfamily] == 'Archlinux' do # note that the 2.x management port is 55672 not 15672 let(:params) { { admin_enable: true, management_port: 55_672, management_ip_address: '1.1.1.1' } } it 'we use the correct URL to rabbitmqadmin' do is_expected.to contain_archive('rabbitmqadmin').with( source: 'http://1.1.1.1:55672/cli/rabbitmqadmin', username: 'guest', password: 'guest' ) end end context 'with ipv6, service_manage set to true and management port specified', unless: facts[:osfamily] == 'Archlinux' do # note that the 2.x management port is 55672 not 15672 let(:params) { { admin_enable: true, management_port: 55_672, management_ip_address: '::1' } } it 'we use the correct URL to rabbitmqadmin' do is_expected.to contain_archive('rabbitmqadmin').with( source: 'http://[::1]:55672/cli/rabbitmqadmin', username: 'guest', password: 'guest' ) end end context 'with service_manage set to false' do let(:params) { { admin_enable: true, service_manage: false } } it 'does nothing' do is_expected.not_to contain_class('rabbitmq::install::rabbitmqadmin') is_expected.not_to contain_rabbitmq_plugin('rabbitmq_management') end end end describe 'manages configuration directory correctly' do it { is_expected.to contain_file('/etc/rabbitmq').with( 'ensure' => 'directory', 'owner' => 'rabbitmq', 'group' => 'rabbitmq', 'mode' => '2755' ) } end describe 'manages configuration file correctly' do it { is_expected.to contain_file('rabbitmq.config').with( 'owner' => 'rabbitmq', 'group' => 'rabbitmq', 'mode' => '0640' ) } end describe 'manages SSL directory correctly' do it { is_expected.to contain_file('/etc/rabbitmq/ssl').with( 'ensure' => 'directory', 'owner' => 'rabbitmq', 'group' => 'rabbitmq', 'mode' => '2750' ) } end describe 'does not contain pre-ranch settings with default config' do it do is_expected.to contain_file('rabbitmq.config'). \ without_content(%r{binary,}). \ without_content(%r{\{packet, raw\},}). \ without_content(%r{\{reuseaddr, true\},}) end end describe 'contains pre-ranch settings with config_ranch set to false' do let(:params) { { config_ranch: false } } it do is_expected.to contain_file('rabbitmq.config'). \ with_content(%r{binary,}). \ with_content(%r{\{packet, raw\},}). \ with_content(%r{\{reuseaddr, true\},}) end end context 'configures config_cluster' do let(:params) do { config_cluster: true, cluster_nodes: ['hare-1', 'hare-2'], cluster_node_type: 'ram', wipe_db_on_cookie_change: false } end describe 'with erlang_cookie set' do let(:params) do { config_cluster: true, cluster_nodes: ['hare-1', 'hare-2'], cluster_node_type: 'ram', erlang_cookie: 'TESTCOOKIE', wipe_db_on_cookie_change: true } end it 'contains the rabbitmq_erlang_cookie' do is_expected.to contain_rabbitmq_erlang_cookie('/var/lib/rabbitmq/.erlang.cookie') end end describe 'with erlang_cookie set but without config_cluster' do let(:params) do { config_cluster: false, erlang_cookie: 'TESTCOOKIE' } end it 'contains the rabbitmq_erlang_cookie' do is_expected.to contain_rabbitmq_erlang_cookie('/var/lib/rabbitmq/.erlang.cookie') end end describe 'without erlang_cookie and without config_cluster' do let(:params) do { config_cluster: false } end it 'contains the rabbitmq_erlang_cookie' do is_expected.not_to contain_rabbitmq_erlang_cookie('/var/lib/rabbitmq/.erlang.cookie') end end describe 'and sets appropriate configuration' do let(:params) do { config_cluster: true, cluster_nodes: ['hare-1', 'hare-2'], cluster_node_type: 'ram', erlang_cookie: 'ORIGINAL', wipe_db_on_cookie_change: true } end it 'for cluster_nodes' do is_expected.to contain_file('rabbitmq.config').with('content' => %r{cluster_nodes.*\['rabbit@hare-1', 'rabbit@hare-2'\], ram}) end end end describe 'rabbitmq-env configuration' do context 'with default params' do it 'sets environment variables' do is_expected.to contain_file('rabbitmq-env.config'). \ with_content(%r{ERL_INETRC=/etc/rabbitmq/inetrc}) end end context 'with environment_variables set' do let(:params) do { environment_variables: { 'NODE_IP_ADDRESS' => '1.1.1.1', 'NODE_PORT' => '5656', 'NODENAME' => 'HOSTNAME', 'SERVICENAME' => 'RabbitMQ', 'CONSOLE_LOG' => 'RabbitMQ.debug', 'CTL_ERL_ARGS' => 'verbose', 'SERVER_ERL_ARGS' => 'v', 'SERVER_START_ARGS' => 'debug' } } end it 'sets environment variables' do is_expected.to contain_file('rabbitmq-env.config'). \ with_content(%r{NODE_IP_ADDRESS=1.1.1.1}). \ with_content(%r{NODE_PORT=5656}). \ with_content(%r{NODENAME=HOSTNAME}). \ with_content(%r{SERVICENAME=RabbitMQ}). \ with_content(%r{CONSOLE_LOG=RabbitMQ.debug}). \ with_content(%r{CTL_ERL_ARGS=verbose}). \ with_content(%r{SERVER_ERL_ARGS=v}). \ with_content(%r{SERVER_START_ARGS=debug}) end end end context 'delete_guest_user' do describe 'should do nothing by default' do it { is_expected.not_to contain_rabbitmq_user('guest') } end describe 'delete user when delete_guest_user set' do let(:params) { { delete_guest_user: true } } it 'removes the user' do is_expected.to contain_rabbitmq_user('guest').with( 'ensure' => 'absent', 'provider' => 'rabbitmqctl' ) end end end context 'configuration setting' do describe 'node_ip_address when set' do let(:params) { { node_ip_address: '172.0.0.1' } } it 'sets NODE_IP_ADDRESS to specified value' do is_expected.to contain_file('rabbitmq-env.config'). with_content(%r{NODE_IP_ADDRESS=172\.0\.0\.1}) end end describe 'stomp by default' do it 'does not specify stomp parameters in rabbitmq.config' do is_expected.to contain_file('rabbitmq.config').without('content' => %r{stomp}) end end describe 'stomp when set' do let(:params) { { config_stomp: true, stomp_port: 5679 } } it 'specifies stomp port in rabbitmq.config' do is_expected.to contain_file('rabbitmq.config').with('content' => %r{rabbitmq_stomp.*tcp_listeners, \[5679\]}m) end end describe 'stomp when set ssl port w/o ssl enabled' do let(:params) { { config_stomp: true, stomp_port: 5679, ssl: false, ssl_stomp_port: 5680 } } it 'does not configure ssl_listeners in rabbitmq.config' do is_expected.to contain_file('rabbitmq.config').without('content' => %r{rabbitmq_stomp.*ssl_listeners, \[5680\]}m) end end describe 'stomp when set with ssl' do let(:params) { { config_stomp: true, stomp_port: 5679, ssl: true, ssl_stomp_port: 5680 } } it 'specifies stomp port and ssl stomp port in rabbitmq.config' do is_expected.to contain_file('rabbitmq.config').with('content' => %r{rabbitmq_stomp.*tcp_listeners, \[5679\].*ssl_listeners, \[5680\]}m) end end end describe 'configuring ldap authentication' do let :params do { config_stomp: true, ldap_auth: true, ldap_server: 'ldap.example.com', ldap_user_dn_pattern: 'ou=users,dc=example,dc=com', ldap_other_bind: 'as_user', ldap_use_ssl: false, ldap_port: 389, ldap_log: true, ldap_config_variables: { 'foo' => 'bar' } } end it { is_expected.to contain_rabbitmq_plugin('rabbitmq_auth_backend_ldap') } it 'contains ldap parameters' do verify_contents(catalogue, 'rabbitmq.config', ['[', ' {rabbit, [', ' {auth_backends, [rabbit_auth_backend_internal, rabbit_auth_backend_ldap]},', ' ]}', ' {rabbitmq_auth_backend_ldap, [', ' {other_bind, as_user},', ' {servers, ["ldap.example.com"]},', ' {user_dn_pattern, "ou=users,dc=example,dc=com"},', ' {use_ssl, false},', ' {port, 389},', ' {foo, bar},', ' {log, true}']) end end describe 'configuring ldap authentication' do let :params do { config_stomp: false, ldap_auth: true, ldap_server: 'ldap.example.com', ldap_user_dn_pattern: 'ou=users,dc=example,dc=com', ldap_other_bind: 'as_user', ldap_use_ssl: false, ldap_port: 389, ldap_log: true, ldap_config_variables: { 'foo' => 'bar' } } end it { is_expected.to contain_rabbitmq_plugin('rabbitmq_auth_backend_ldap') } it 'contains ldap parameters' do verify_contents(catalogue, 'rabbitmq.config', ['[', ' {rabbit, [', ' {auth_backends, [rabbit_auth_backend_internal, rabbit_auth_backend_ldap]},', ' ]}', ' {rabbitmq_auth_backend_ldap, [', ' {other_bind, as_user},', ' {servers, ["ldap.example.com"]},', ' {user_dn_pattern, "ou=users,dc=example,dc=com"},', ' {use_ssl, false},', ' {port, 389},', ' {foo, bar},', ' {log, true}']) end end describe 'configuring ldap authentication' do let :params do { config_stomp: false, ldap_auth: true, ldap_server: 'ldap.example.com', ldap_other_bind: 'as_user', ldap_use_ssl: false, ldap_port: 389, ldap_log: true, ldap_config_variables: { 'foo' => 'bar' } } end it { is_expected.to contain_rabbitmq_plugin('rabbitmq_auth_backend_ldap') } it 'does not set user_dn_pattern when none is specified' do verify_contents(catalogue, 'rabbitmq.config', ['[', ' {rabbit, [', ' {auth_backends, [rabbit_auth_backend_internal, rabbit_auth_backend_ldap]},', ' ]}', ' {rabbitmq_auth_backend_ldap, [', ' {other_bind, as_user},', ' {servers, ["ldap.example.com"]},', ' {use_ssl, false},', ' {port, 389},', ' {foo, bar},', ' {log, true}']) content = catalogue.resource('file', 'rabbitmq.config').send(:parameters)[:content] expect(content).not_to include 'user_dn_pattern' end end describe 'configuring ldap authentication' do let :params do { config_stomp: false, ldap_auth: true, ldap_server: ['ldap1.example.com', 'ldap2.example.com'], ldap_other_bind: 'as_user', ldap_use_ssl: false, ldap_port: 389, ldap_log: true, ldap_config_variables: { 'foo' => 'bar' } } end it { is_expected.to contain_rabbitmq_plugin('rabbitmq_auth_backend_ldap') } it 'does not set user_dn_pattern when none is specified' do verify_contents(catalogue, 'rabbitmq.config', ['[', ' {rabbit, [', ' {auth_backends, [rabbit_auth_backend_internal, rabbit_auth_backend_ldap]},', ' ]}', ' {rabbitmq_auth_backend_ldap, [', ' {other_bind, as_user},', ' {servers, ["ldap1.example.com", "ldap2.example.com"]},', ' {use_ssl, false},', ' {port, 389},', ' {foo, bar},', ' {log, true}']) content = catalogue.resource('file', 'rabbitmq.config').send(:parameters)[:content] expect(content).not_to include 'user_dn_pattern' end end describe 'configuring auth_backends' do let :params do { auth_backends: ['{baz, foo}', 'bar'] } end it 'contains auth_backends' do verify_contents(catalogue, 'rabbitmq.config', [' {auth_backends, [{baz, foo}, bar]},']) end end describe 'auth_backends overrides ldap_auth' do let :params do { auth_backends: ['{baz, foo}', 'bar'], ldap_auth: true } end it 'contains auth_backends' do verify_contents(catalogue, 'rabbitmq.config', [' {auth_backends, [{baz, foo}, bar]},']) end end context 'use config file for plugins' do describe 'config_plugins_file: true' do let :params do { use_config_file_for_plugins: true } end it 'does not use rabbitmqplugin provider' do is_expected.not_to contain_rabbitmq_plugin('rabbitmq_management') is_expected.not_to contain_rabbitmq_plugin('rabbitmq_shovel_management') is_expected.not_to contain_rabbitmq_plugin('rabbitmq_stomp') is_expected.not_to contain_rabbitmq_plugin('rabbitmq_auth_backend_ldap') is_expected.not_to contain_rabbitmq_plugin('rabbitmq_shovel') end it 'configures enabled_plugins' do is_expected.to contain_file('enabled_plugins').with_content(%r{\[rabbitmq_management\]\.}) end end describe 'with all plugins enabled admin_enable: false, manamgent_enable: true' do let :params do { use_config_file_for_plugins: true, admin_enable: false, management_enable: true, stomp_ensure: true, ldap_auth: true, config_shovel: true } end it 'does not use rabbitmqplugin provider' do is_expected.not_to contain_rabbitmq_plugin('rabbitmq_management') is_expected.not_to contain_rabbitmq_plugin('rabbitmq_shovel_management') is_expected.not_to contain_rabbitmq_plugin('rabbitmq_stomp') is_expected.not_to contain_rabbitmq_plugin('rabbitmq_auth_backend_ldap') is_expected.not_to contain_rabbitmq_plugin('rabbitmq_shovel') end it 'configures enabled_plugins' do is_expected.to contain_file('enabled_plugins').with_content(%r{rabbitmq_management}) is_expected.to contain_file('enabled_plugins').with_content(%r{rabbitmq_stomp}) is_expected.to contain_file('enabled_plugins').with_content(%r{rabbitmq_auth_backend_ldap}) is_expected.to contain_file('enabled_plugins').with_content(%r{rabbitmq_shovel}) is_expected.to contain_file('enabled_plugins').with_content(%r{rabbitmq_shovel_management}) is_expected.to contain_file('enabled_plugins').with_content(%r{\[rabbitmq_management,rabbitmq_stomp,rabbitmq_auth_backend_ldap,rabbitmq_shovel,rabbitmq_shovel_management\]\.}) end end end describe 'configure management plugin' do let :params do { admin_enable: true, management_enable: false } end it { is_expected.to contain_rabbitmq_plugin('rabbitmq_management') } it 'sets rabbitmq_managment opts to specified values' do is_expected.to contain_file('rabbitmq.config').with_content(%r{rabbitmq_management, \[}) is_expected.to contain_file('rabbitmq.config').with_content(%r{listener, \[}) is_expected.to contain_file('rabbitmq.config').with_content(%r{port, 15672\}}) end describe 'with admin_enable false' do let :params do { admin_enable: false, management_enable: false } end it { is_expected.not_to contain_rabbitmq_plugin('rabbitmq_management') } end describe 'with admin_enable false and management_enable true' do let :params do { admin_enable: false, management_enable: true } end it { is_expected.to contain_rabbitmq_plugin('rabbitmq_management') } it 'sets rabbitmq_managment opts to specified values' do is_expected.to contain_file('rabbitmq.config').with_content(%r{rabbitmq_management, \[}) is_expected.to contain_file('rabbitmq.config').with_content(%r{listener, \[}) is_expected.to contain_file('rabbitmq.config').with_content(%r{port, 15672\}}) end end end describe 'configuring shovel plugin' do let :params do { config_shovel: true } end it { is_expected.to contain_rabbitmq_plugin('rabbitmq_shovel') } it { is_expected.to contain_rabbitmq_plugin('rabbitmq_shovel_management') } describe 'with admin_enable false' do let :params do { config_shovel: true, admin_enable: false } end it { is_expected.not_to contain_rabbitmq_plugin('rabbitmq_shovel_management') } end describe 'with static shovels' do let :params do { config_shovel: true, config_shovel_statics: { 'shovel_first' => '{sources,[{broker,"amqp://"}]}, {destinations,[{broker,"amqp://site1.example.com"}]}, {queue,<<"source_one">>}', 'shovel_second' => '{sources,[{broker,"amqp://"}]}, {destinations,[{broker,"amqp://site2.example.com"}]}, {queue,<<"source_two">>}' } } end it 'generates correct configuration' do verify_contents(catalogue, 'rabbitmq.config', [ ' {rabbitmq_shovel,', ' [{shovels,[', ' {shovel_first,[{sources,[{broker,"amqp://"}]},', ' {destinations,[{broker,"amqp://site1.example.com"}]},', ' {queue,<<"source_one">>}]},', ' {shovel_second,[{sources,[{broker,"amqp://"}]},', ' {destinations,[{broker,"amqp://site2.example.com"}]},', ' {queue,<<"source_two">>}]}', ' ]}]}' ]) end end end describe 'configuring shovel plugin' do let :params do { config_shovel: true } end it { is_expected.to contain_rabbitmq_plugin('rabbitmq_shovel') } it { is_expected.to contain_rabbitmq_plugin('rabbitmq_shovel_management') } describe 'with admin_enable false' do let :params do { config_shovel: true, admin_enable: false } end it { is_expected.not_to contain_rabbitmq_plugin('rabbitmq_shovel_management') } end describe 'with static shovels' do let :params do { config_shovel: true, config_shovel_statics: { 'shovel_first' => '{sources,[{broker,"amqp://"}]}, {destinations,[{broker,"amqp://site1.example.com"}]}, {queue,<<"source_one">>}', 'shovel_second' => '{sources,[{broker,"amqp://"}]}, {destinations,[{broker,"amqp://site2.example.com"}]}, {queue,<<"source_two">>}' } } end it 'generates correct configuration' do verify_contents(catalogue, 'rabbitmq.config', [ ' {rabbitmq_shovel,', ' [{shovels,[', ' {shovel_first,[{sources,[{broker,"amqp://"}]},', ' {destinations,[{broker,"amqp://site1.example.com"}]},', ' {queue,<<"source_one">>}]},', ' {shovel_second,[{sources,[{broker,"amqp://"}]},', ' {destinations,[{broker,"amqp://site2.example.com"}]},', ' {queue,<<"source_two">>}]}', ' ]}]}' ]) end end end describe 'default_user and default_pass set' do let(:params) { { default_user: 'foo', default_pass: 'bar' } } it 'sets default_user and default_pass to specified values' do is_expected.to contain_file('rabbitmq.config').with('content' => %r{default_user, <<"foo">>.*default_pass, <<"bar">>}m) end end describe 'interfaces option with no ssl' do let(:params) do { interface: '0.0.0.0' } end it 'sets ssl options to specified values' do is_expected.to contain_file('rabbitmq.config').with_content(%r{tcp_listeners, \[\{"0.0.0.0", 5672\}\]}) end end describe 'ssl options and mangament_ssl false' do let(:params) do { ssl: true, ssl_port: 3141, ssl_cacert: '/path/to/cacert', ssl_cert: '/path/to/cert', ssl_key: '/path/to/key', ssl_secure_renegotiate: true, ssl_reuse_sessions: true, ssl_honor_cipher_order: true, ssl_dhfile: :undef, management_ssl: false, management_port: 13_142 } end it 'sets ssl options to specified values' do is_expected.to contain_file('rabbitmq.config').with_content( %r{ssl_listeners, \[3141\]} ) is_expected.to contain_file('rabbitmq.config').with_content( %r{ssl_options, \[} ) is_expected.to contain_file('rabbitmq.config').with_content( %r{cacertfile,"/path/to/cacert"} ) is_expected.to contain_file('rabbitmq.config').with_content( %r{certfile,"/path/to/cert"} ) is_expected.to contain_file('rabbitmq.config').with_content( %r{keyfile,"/path/to/key"} ) is_expected.to contain_file('rabbitmq.config').with_content( %r{secure_renegotiate,true} ) is_expected.to contain_file('rabbitmq.config').with_content( %r{reuse_sessions,true} ) is_expected.to contain_file('rabbitmq.config').with_content( %r{honor_cipher_order,true} ) is_expected.to contain_file('rabbitmq.config').without_content( %r{dhfile,} ) end it 'sets non ssl port for management port' do is_expected.to contain_file('rabbitmq.config').with_content( %r{port, 13142} ) is_expected.to contain_file('rabbitmqadmin.conf').with_content( %r{port\s=\s13142} ) end end describe 'ssl options and mangament_ssl true' do let(:params) do { ssl: true, ssl_port: 3141, ssl_cacert: '/path/to/cacert', ssl_cert: '/path/to/cert', ssl_key: '/path/to/key', ssl_secure_renegotiate: true, ssl_reuse_sessions: true, ssl_honor_cipher_order: true, ssl_dhfile: :undef, management_ssl: true, ssl_management_port: 13_141 } end it 'sets ssl options to specified values' do is_expected.to contain_file('rabbitmq.config').with_content( %r{ssl_listeners, \[3141\]} ) is_expected.to contain_file('rabbitmq.config').with_content( %r{ssl_opts, } ) is_expected.to contain_file('rabbitmq.config').with_content( %r{ssl_options, \[} ) is_expected.to contain_file('rabbitmq.config').with_content( %r{cacertfile,"/path/to/cacert"} ) is_expected.to contain_file('rabbitmq.config').with_content( %r{certfile,"/path/to/cert"} ) is_expected.to contain_file('rabbitmq.config').with_content( %r{keyfile,"/path/to/key"} ) is_expected.to contain_file('rabbitmq.config').with_content( %r{secure_renegotiate,true} ) is_expected.to contain_file('rabbitmq.config').with_content( %r{reuse_sessions,true} ) is_expected.to contain_file('rabbitmq.config').with_content( %r{honor_cipher_order,true} ) is_expected.to contain_file('rabbitmq.config').without_content( %r{dhfile,} ) end it 'sets ssl managment port to specified values' do is_expected.to contain_file('rabbitmq.config').with_content( %r{port, 13141} ) end it 'sets ssl options in the rabbitmqadmin.conf' do is_expected.to contain_file('rabbitmqadmin.conf').with_content( %r{ssl_ca_cert_file\s=\s/path/to/cacert} ) is_expected.to contain_file('rabbitmqadmin.conf').with_content( %r{ssl_cert_file\s=\s/path/to/cert} ) is_expected.to contain_file('rabbitmqadmin.conf').with_content( %r{ssl_key_file\s=\s/path/to/key} ) is_expected.to contain_file('rabbitmqadmin.conf').with_content( %r{hostname\s=\s} ) is_expected.to contain_file('rabbitmqadmin.conf').with_content( %r{port\s=\s13141} ) end end describe 'ssl options' do let(:params) do { ssl: true, ssl_port: 3141, ssl_cacert: '/path/to/cacert', ssl_cert: '/path/to/cert', ssl_key: '/path/to/key', ssl_secure_renegotiate: true, ssl_reuse_sessions: true, ssl_honor_cipher_order: true, ssl_dhfile: :undef } end it 'sets ssl options to specified values' do is_expected.to contain_file('rabbitmq.config').with_content( %r{ssl_listeners, \[3141\]} ) is_expected.to contain_file('rabbitmq.config').with_content( %r{ssl_options, \[} ) is_expected.to contain_file('rabbitmq.config').with_content( %r{cacertfile,"/path/to/cacert"} ) is_expected.to contain_file('rabbitmq.config').with_content( %r{certfile,"/path/to/cert"} ) is_expected.to contain_file('rabbitmq.config').with_content( %r{keyfile,"/path/to/key"} ) is_expected.to contain_file('rabbitmq.config').with_content( %r{secure_renegotiate,true} ) is_expected.to contain_file('rabbitmq.config').with_content( %r{reuse_sessions,true} ) is_expected.to contain_file('rabbitmq.config').with_content( %r{honor_cipher_order,true} ) is_expected.to contain_file('rabbitmq.config').without_content( %r{dhfile,} ) end end describe 'ssl options with ssl_interfaces' do let(:params) do { ssl: true, ssl_port: 3141, ssl_interface: '0.0.0.0', ssl_cacert: '/path/to/cacert', ssl_cert: '/path/to/cert', ssl_key: '/path/to/key' } end it 'sets ssl options to specified values' do is_expected.to contain_file('rabbitmq.config').with_content(%r{ssl_listeners, \[\{"0.0.0.0", 3141\}\]}) is_expected.to contain_file('rabbitmq.config').with_content(%r{cacertfile,"/path/to/cacert"}) is_expected.to contain_file('rabbitmq.config').with_content(%r{certfile,"/path/to/cert"}) is_expected.to contain_file('rabbitmq.config').with_content(%r{keyfile,"/path/to/key}) end end describe 'ssl options with ssl_only' do let(:params) do { ssl: true, ssl_only: true, ssl_port: 3141, ssl_cacert: '/path/to/cacert', ssl_cert: '/path/to/cert', ssl_key: '/path/to/key' } end it 'sets ssl options to specified values' do is_expected.to contain_file('rabbitmq.config').with_content(%r{tcp_listeners, \[\]}) is_expected.to contain_file('rabbitmq.config').with_content(%r{ssl_listeners, \[3141\]}) is_expected.to contain_file('rabbitmq.config').with_content(%r{ssl_options, \[}) is_expected.to contain_file('rabbitmq.config').with_content(%r{cacertfile,"/path/to/cacert"}) is_expected.to contain_file('rabbitmq.config').with_content(%r{certfile,"/path/to/cert"}) is_expected.to contain_file('rabbitmq.config').with_content(%r{keyfile,"/path/to/key}) end it 'does not set TCP listener environment defaults' do is_expected.to contain_file('rabbitmq-env.config'). \ without_content(%r{NODE_PORT=}). \ without_content(%r{NODE_IP_ADDRESS=}) end end describe 'ssl options with ssl_only and ssl_interfaces' do let(:params) do { ssl: true, ssl_only: true, ssl_port: 3141, ssl_interface: '0.0.0.0', ssl_cacert: '/path/to/cacert', ssl_cert: '/path/to/cert', ssl_key: '/path/to/key' } end it 'sets ssl options to specified values' do is_expected.to contain_file('rabbitmq.config').with_content(%r{tcp_listeners, \[\]}) is_expected.to contain_file('rabbitmq.config').with_content(%r{ssl_listeners, \[\{"0.0.0.0", 3141\}\]}) is_expected.to contain_file('rabbitmq.config').with_content(%r{cacertfile,"/path/to/cacert"}) is_expected.to contain_file('rabbitmq.config').with_content(%r{certfile,"/path/to/cert"}) is_expected.to contain_file('rabbitmq.config').with_content(%r{keyfile,"/path/to/key}) end end describe 'ssl options with specific ssl versions' do let(:params) do { ssl: true, ssl_port: 3141, ssl_cacert: '/path/to/cacert', ssl_cert: '/path/to/cert', ssl_key: '/path/to/key', ssl_versions: ['tlsv1.2', 'tlsv1.1'] } end it 'sets ssl options to specified values' do is_expected.to contain_file('rabbitmq.config').with_content(%r{ssl_listeners, \[3141\]}) is_expected.to contain_file('rabbitmq.config').with_content(%r{ssl_options, \[}) is_expected.to contain_file('rabbitmq.config').with_content(%r{cacertfile,"/path/to/cacert"}) is_expected.to contain_file('rabbitmq.config').with_content(%r{certfile,"/path/to/cert"}) is_expected.to contain_file('rabbitmq.config').with_content(%r{keyfile,"/path/to/key}) is_expected.to contain_file('rabbitmq.config').with_content(%r{ssl, \[\{versions, \['tlsv1.1', 'tlsv1.2'\]\}\]}) is_expected.to contain_file('rabbitmq.config').with_content(%r{versions, \['tlsv1.1', 'tlsv1.2'\]}) end end describe 'ssl options with ssl_versions and not ssl' do let(:params) do { ssl: false, ssl_port: 3141, ssl_cacert: '/path/to/cacert', ssl_cert: '/path/to/cert', ssl_key: '/path/to/key', ssl_versions: ['tlsv1.2', 'tlsv1.1'] } end it 'fails' do expect { catalogue }.to raise_error(Puppet::Error, %r{\$ssl_versions requires that \$ssl => true}) end end describe 'ssl options with ssl ciphers (in Erlang [pre-3.7.9] format)' do let(:params) do { ssl: true, ssl_port: 3141, ssl_cacert: '/path/to/cacert', ssl_cert: '/path/to/cert', ssl_key: '/path/to/key', ssl_ciphers: ['ecdhe_rsa,aes_256_cbc,sha', 'dhe_rsa,aes_256_cbc,sha'] } end it 'sets ssl ciphers to specified values' do is_expected.to contain_file('rabbitmq.config').with_content(%r{ciphers,\[[[:space:]]+{ecdhe_rsa,aes_256_cbc,sha},[[:space:]]+{dhe_rsa,aes_256_cbc,sha}[[:space:]]+\]}) end end describe 'ssl options with ssl ciphers (in OpenSSL style)' do let(:params) do { ssl: true, ssl_port: 3141, ssl_cacert: '/path/to/cacert', ssl_cert: '/path/to/cert', ssl_key: '/path/to/key', ssl_ciphers: ['ECDHE-RSA-AES256-SHA', 'DHE-RSA-AES256-SHA'] } end it 'sets ssl ciphers to specified values' do is_expected.to contain_file('rabbitmq.config').with_content(%r{ciphers,\[[[:space:]]+"ECDHE-RSA-AES256-SHA",[[:space:]]+"DHE-RSA-AES256-SHA"[[:space:]]+\]}) end end describe 'ssl options with ssl_crl_check enabled' do let(:params) do { ssl: true, ssl_port: 3141, ssl_cacert: '/path/to/cacert', ssl_cert: '/path/to/cert', ssl_key: '/path/to/key', ssl_crl_check: 'true' } end it 'sets ssl crl check setting to specified value' do is_expected.to contain_file('rabbitmq.config').with_content(%r{crl_check,true}) end end describe 'ssl options with ssl_crl_check and ssl_crl_hash_cache enabled' do let(:params) do { ssl: true, ssl_port: 3141, ssl_cacert: '/path/to/cacert', ssl_cert: '/path/to/cert', ssl_key: '/path/to/key', ssl_crl_check: 'true', ssl_crl_cache_hash_dir: '/path/to/crl_cache/dir' } end it 'sets ssl crl check setting to specified value' do is_expected.to contain_file('rabbitmq.config').with_content(%r{crl_check,true}) is_expected.to contain_file('rabbitmq.config').with_content(%r{crl_cache,\s+{ssl_crl_hash_dir,\s+{internal,\s+\[{dir, "/path/to/crl_cache/dir"}\]}}}) end end describe 'ssl options with ssl_crl_check and http cache enabled' do let(:params) do { ssl: true, ssl_port: 3141, ssl_cacert: '/path/to/cacert', ssl_cert: '/path/to/cert', ssl_key: '/path/to/key', ssl_crl_check: 'true', ssl_crl_cache_http_timeout: 5000 } end it 'sets ssl crl check setting to specified value' do is_expected.to contain_file('rabbitmq.config').with_content(%r{crl_check,true}) is_expected.to contain_file('rabbitmq.config').with_content(%r{crl_cache,\s+{ssl_crl_cache,\s+{internal,\s+\[{http, 5000}\]}}}) end end describe 'ssl options with ssl_crl_check enabled and not ssl' do let(:params) do { ssl: false, ssl_port: 3141, ssl_cacert: '/path/to/cacert', ssl_cert: '/path/to/cert', ssl_key: '/path/to/key', ssl_crl_check: 'true' } end it 'fails' do expect { catalogue }.to raise_error(Puppet::Error, %r{\$ssl_crl_check requires that \$ssl => true}) end end describe 'ssl options with ssl_crl_cache_hash_dir set and not ssl_crl_check' do let(:params) do { ssl: true, ssl_port: 3141, ssl_cacert: '/path/to/cacert', ssl_cert: '/path/to/cert', ssl_key: '/path/to/key', ssl_crl_check: 'false', ssl_crl_cache_hash_dir: '/path/to/crl_cache/dir' } end it 'fails' do expect { catalogue }.to raise_error(Puppet::Error, %r{\$ssl_crl_cache_hash_dir requires that \$ssl_crl_check => true|peer|best_effort}) end end describe 'ssl options with ssl_crl_cache_http_timeout set and not ssl_crl_check' do let(:params) do { ssl: true, ssl_port: 3141, ssl_cacert: '/path/to/cacert', ssl_cert: '/path/to/cert', ssl_key: '/path/to/key', ssl_crl_check: 'false', ssl_crl_cache_http_timeout: 5000 } end it 'fails' do expect { catalogue }.to raise_error(Puppet::Error, %r{\$ssl_crl_cache_http_timeout requires that \$ssl_crl_check => true|peer|best_effort}) end end describe 'ssl admin options with specific ssl versions' do let(:params) do { ssl: true, ssl_management_port: 5926, ssl_cacert: '/path/to/cacert', ssl_cert: '/path/to/cert', ssl_key: '/path/to/key', ssl_versions: ['tlsv1.2', 'tlsv1.1'], admin_enable: true } end it 'sets admin ssl opts to specified values' do is_expected.to contain_file('rabbitmq.config').with_content(%r{rabbitmq_management, \[}) is_expected.to contain_file('rabbitmq.config').with_content(%r{listener, \[}) is_expected.to contain_file('rabbitmq.config').with_content(%r{port, 5926\}}) is_expected.to contain_file('rabbitmq.config').with_content(%r{ssl, true\}}) is_expected.to contain_file('rabbitmq.config').with_content(%r{ssl_opts, \[}) is_expected.to contain_file('rabbitmq.config').with_content(%r{cacertfile, "/path/to/cacert"\},}) is_expected.to contain_file('rabbitmq.config').with_content(%r{certfile, "/path/to/cert"\},}) is_expected.to contain_file('rabbitmq.config').with_content(%r{keyfile, "/path/to/key"\}}) is_expected.to contain_file('rabbitmq.config').with_content(%r{,\{versions, \['tlsv1.1', 'tlsv1.2'\]\}}) end end describe 'ssl with ssl_dhfile' do let(:params) do { ssl: true, ssl_interface: '0.0.0.0', ssl_dhfile: '/etc/pki/tls/dh-params.pem' } end it { is_expected.to contain_file('rabbitmq.config').with_content(%r{dhfile, "/etc/pki/tls/dh-params\.pem}) } end describe 'ssl with ssl_dhfile unset' do let(:params) do { ssl: true, ssl_interface: '0.0.0.0', ssl_dhfile: :undef } end it { is_expected.to contain_file('rabbitmq.config').without_content(%r{dhfile,}) } end describe 'ssl with ssl_secure_renegotiate false' do let(:params) do { ssl: true, ssl_interface: '0.0.0.0', ssl_secure_renegotiate: false } end it { is_expected.to contain_file('rabbitmq.config').with_content(%r{secure_renegotiate,false}) } end describe 'ssl with ssl_reuse_sessions false' do let(:params) do { ssl: true, ssl_interface: '0.0.0.0', ssl_reuse_sessions: false } end it { is_expected.to contain_file('rabbitmq.config').with_content(%r{reuse_sessions,false}) } end describe 'ssl with ssl_honor_cipher_order false' do let(:params) do { ssl: true, ssl_interface: '0.0.0.0', ssl_honor_cipher_order: false } end it { is_expected.to contain_file('rabbitmq.config').with_content(%r{honor_cipher_order,false}) } end describe 'ssl admin options' do let(:params) do { ssl: true, ssl_management_port: 3141, ssl_cacert: '/path/to/cacert', ssl_cert: '/path/to/cert', ssl_key: '/path/to/key', ssl_management_verify: 'verify_peer', ssl_management_fail_if_no_peer_cert: true, admin_enable: true } end it 'sets rabbitmq_management ssl options to specified values' do is_expected.to contain_file('rabbitmq.config').with_content(%r{rabbitmq_management, \[}) is_expected.to contain_file('rabbitmq.config').with_content(%r{listener, \[}) is_expected.to contain_file('rabbitmq.config').with_content(%r{port, 3141\}}) is_expected.to contain_file('rabbitmq.config').with_content(%r{ssl, true\}}) is_expected.to contain_file('rabbitmq.config').with_content(%r{ssl_opts, \[}) is_expected.to contain_file('rabbitmq.config').with_content(%r{verify,verify_peer\},}) is_expected.to contain_file('rabbitmq.config').with_content(%r{fail_if_no_peer_cert,true\}}) is_expected.to contain_file('rabbitmq.config').with_content(%r{cacertfile, "/path/to/cacert"\},}) is_expected.to contain_file('rabbitmq.config').with_content(%r{certfile, "/path/to/cert"\},}) is_expected.to contain_file('rabbitmq.config').with_content(%r{keyfile, "/path/to/key"\}}) end end describe 'admin without ssl' do let(:params) do { ssl: false, management_port: 3141, admin_enable: true } end it 'sets rabbitmq_management options to specified values' do is_expected.to contain_file('rabbitmq.config').with_content(%r{rabbitmq_management, \[}) is_expected.to contain_file('rabbitmq.config').with_content(%r{listener, \[}) is_expected.to contain_file('rabbitmq.config').with_content(%r{port, 3141\}}) end end describe 'ssl admin options' do let(:params) do { ssl: true, ssl_management_port: 3141, ssl_cacert: '/path/to/cacert', ssl_cert: '/path/to/cert', ssl_key: '/path/to/key', admin_enable: true } end it 'sets rabbitmq_management ssl options to specified values' do is_expected.to contain_file('rabbitmq.config').with_content(%r{rabbitmq_management, \[}) is_expected.to contain_file('rabbitmq.config').with_content(%r{listener, \[}) is_expected.to contain_file('rabbitmq.config').with_content(%r{port, 3141\},}) is_expected.to contain_file('rabbitmq.config').with_content(%r{ssl, true\},}) is_expected.to contain_file('rabbitmq.config').with_content(%r{ssl_opts, \[}) is_expected.to contain_file('rabbitmq.config').with_content(%r{cacertfile, "/path/to/cacert"\},}) is_expected.to contain_file('rabbitmq.config').with_content(%r{certfile, "/path/to/cert"\},}) is_expected.to contain_file('rabbitmq.config').with_content(%r{keyfile, "/path/to/key"\}}) end end describe 'ssl admin options with dedicated admin-key and -certs' do let(:params) do { ssl: true, ssl_management_port: 3141, ssl_management_cacert: '/path/to/management_cacert', ssl_management_cert: '/path/to/management_cert', ssl_management_key: '/path/to/management_key', admin_enable: true } end it 'sets rabbitmq_management ssl options to specified values' do is_expected.to contain_file('rabbitmq.config').with_content(%r{rabbitmq_management, \[}) is_expected.to contain_file('rabbitmq.config').with_content(%r{listener, \[}) is_expected.to contain_file('rabbitmq.config').with_content(%r{port, 3141\},}) is_expected.to contain_file('rabbitmq.config').with_content(%r{ssl, true\},}) is_expected.to contain_file('rabbitmq.config').with_content(%r{ssl_opts, \[}) is_expected.to contain_file('rabbitmq.config').with_content(%r{cacertfile, "/path/to/management_cacert"\},}) is_expected.to contain_file('rabbitmq.config').with_content(%r{certfile, "/path/to/management_cert"\},}) is_expected.to contain_file('rabbitmq.config').with_content(%r{keyfile, "/path/to/management_key"\}}) end it 'sets ssl options in the rabbitmqadmin.conf' do is_expected.to contain_file('rabbitmqadmin.conf').with_content( %r{ssl_ca_cert_file\s=\s/path/to/management_cacert} ) is_expected.to contain_file('rabbitmqadmin.conf').with_content( %r{ssl_cert_file\s=\s/path/to/management_cert} ) is_expected.to contain_file('rabbitmqadmin.conf').with_content( %r{ssl_key_file\s=\s/path/to/management_key} ) end end describe 'admin without ssl' do let(:params) do { ssl: false, management_port: 3141, admin_enable: true } end it 'sets rabbitmq_management options to specified values' do is_expected.to contain_file('rabbitmq.config'). \ with_content(%r{\{rabbitmq_management, \[}). \ with_content(%r{\{listener, \[}). \ with_content(%r{\{port, 3141\}}) end end describe 'ipv6 enabled' do let(:params) { { ipv6: true } } it 'enables resolver inet6 in inetrc' do is_expected.to contain_file('rabbitmq-inetrc').with_content(%r{{inet6, true}.}) end context 'without other erl args' do it 'enables inet6 distribution' do is_expected.to contain_file('rabbitmq-env.config'). \ with_content(%r{^RABBITMQ_SERVER_ADDITIONAL_ERL_ARGS="-proto_dist inet6_tcp"$}). \ with_content(%r{^RABBITMQ_CTL_ERL_ARGS="-proto_dist inet6_tcp"$}) end end context 'with other quoted erl args' do let(:params) do { ipv6: true, environment_variables: { 'RABBITMQ_SERVER_ADDITIONAL_ERL_ARGS' => '"some quoted args"', 'RABBITMQ_CTL_ERL_ARGS' => '"other quoted args"' } } end it 'enables inet6 distribution and quote properly' do is_expected.to contain_file('rabbitmq-env.config'). \ with_content(%r{^RABBITMQ_SERVER_ADDITIONAL_ERL_ARGS="some quoted args -proto_dist inet6_tcp"$}). \ with_content(%r{^RABBITMQ_CTL_ERL_ARGS="other quoted args -proto_dist inet6_tcp"$}) end end context 'with other unquoted erl args' do let(:params) do { ipv6: true, environment_variables: { 'RABBITMQ_SERVER_ADDITIONAL_ERL_ARGS' => 'foo', 'RABBITMQ_CTL_ERL_ARGS' => 'bar' } } end it 'enables inet6 distribution and quote properly' do is_expected.to contain_file('rabbitmq-env.config'). \ with_content(%r{^RABBITMQ_SERVER_ADDITIONAL_ERL_ARGS="foo -proto_dist inet6_tcp"$}). \ with_content(%r{^RABBITMQ_CTL_ERL_ARGS="bar -proto_dist inet6_tcp"$}) end end context 'with SSL and without other erl args' do let(:params) do { ipv6: true, ssl_erl_dist: true } end it 'enables inet6 distribution' do is_expected.to contain_file('rabbitmq-env.config'). \ with_content(%r{^RABBITMQ_SERVER_ADDITIONAL_ERL_ARGS=" -pa /usr/lib64/erlang/lib/ssl-7.3.3.1/ebin -proto_dist inet6_tls"$}). \ with_content(%r{^RABBITMQ_CTL_ERL_ARGS=" -pa /usr/lib64/erlang/lib/ssl-7.3.3.1/ebin -proto_dist inet6_tls"$}) end end context 'with SSL and other quoted erl args' do let(:params) do { ipv6: true, ssl_erl_dist: true, environment_variables: { 'RABBITMQ_SERVER_ADDITIONAL_ERL_ARGS' => '"some quoted args"', 'RABBITMQ_CTL_ERL_ARGS' => '"other quoted args"' } } end it 'enables inet6 distribution and quote properly' do is_expected.to contain_file('rabbitmq-env.config'). \ with_content(%r{^RABBITMQ_SERVER_ADDITIONAL_ERL_ARGS="some quoted args -pa /usr/lib64/erlang/lib/ssl-7.3.3.1/ebin -proto_dist inet6_tls"$}). \ with_content(%r{^RABBITMQ_CTL_ERL_ARGS="other quoted args -pa /usr/lib64/erlang/lib/ssl-7.3.3.1/ebin -proto_dist inet6_tls"$}) end end context 'with SSL and with other unquoted erl args' do let(:params) do { ipv6: true, ssl_erl_dist: true, environment_variables: { 'RABBITMQ_SERVER_ADDITIONAL_ERL_ARGS' => 'foo', 'RABBITMQ_CTL_ERL_ARGS' => 'bar' } } end it 'enables inet6 distribution and quote properly' do is_expected.to contain_file('rabbitmq-env.config'). \ with_content(%r{^RABBITMQ_SERVER_ADDITIONAL_ERL_ARGS="foo -pa /usr/lib64/erlang/lib/ssl-7.3.3.1/ebin -proto_dist inet6_tls"$}). \ with_content(%r{^RABBITMQ_CTL_ERL_ARGS="bar -pa /usr/lib64/erlang/lib/ssl-7.3.3.1/ebin -proto_dist inet6_tls"$}) end end end describe 'config_variables options' do let(:params) do { config_variables: { 'hipe_compile' => true, 'vm_memory_high_watermark' => 0.4, 'frame_max' => 131_072, 'collect_statistics' => 'none', 'auth_mechanisms' => "['PLAIN', 'AMQPLAIN']" } } end it 'sets environment variables' do is_expected.to contain_file('rabbitmq.config'). \ with_content(%r{\{hipe_compile, true\}}). \ with_content(%r{\{vm_memory_high_watermark, 0.4\}}). \ with_content(%r{\{frame_max, 131072\}}). \ with_content(%r{\{collect_statistics, none\}}). \ with_content(%r{\{auth_mechanisms, \['PLAIN', 'AMQPLAIN'\]\}}) end end describe 'config_kernel_variables options' do let(:params) do { config_kernel_variables: { 'inet_dist_listen_min' => 9100, 'inet_dist_listen_max' => 9105 } } end it 'sets config variables' do is_expected.to contain_file('rabbitmq.config'). \ with_content(%r{\{inet_dist_listen_min, 9100\}}). \ with_content(%r{\{inet_dist_listen_max, 9105\}}) end end describe 'config_management_variables' do let(:params) do { config_management_variables: { 'rates_mode' => 'none' } } end it 'sets config variables' do is_expected.to contain_file('rabbitmq.config'). \ with_content(%r{\{rates_mode, none\}}) end end describe 'tcp_keepalive enabled' do let(:params) { { tcp_keepalive: true } } it 'sets tcp_listen_options keepalive true' do is_expected.to contain_file('rabbitmq.config'). \ with_content(%r{\{keepalive, true\}}) end end describe 'tcp_keepalive disabled (default)' do it 'does not set tcp_listen_options' do is_expected.to contain_file('rabbitmq.config'). \ without_content(%r{\{keepalive, true\}}) end end describe 'tcp_backlog with default value' do it 'sets tcp_listen_options backlog to 128' do is_expected.to contain_file('rabbitmq.config'). \ with_content(%r{\{backlog, 128\}}) end end describe 'tcp_backlog with non-default value' do let(:params) do { tcp_backlog: 256 } end it 'sets tcp_listen_options backlog to 256' do is_expected.to contain_file('rabbitmq.config'). \ with_content(%r{\{backlog, 256\}}) end end describe 'tcp_sndbuf with default value' do it 'does not set tcp_listen_options sndbuf' do is_expected.to contain_file('rabbitmq.config'). \ without_content(%r{sndbuf}) end end describe 'tcp_sndbuf with non-default value' do let(:params) do { tcp_sndbuf: 128 } end it 'sets tcp_listen_options sndbuf to 128' do is_expected.to contain_file('rabbitmq.config'). \ with_content(%r{\{sndbuf, 128\}}) end end describe 'tcp_recbuf with default value' do it 'does not set tcp_listen_options recbuf' do is_expected.to contain_file('rabbitmq.config'). \ without_content(%r{recbuf}) end end describe 'tcp_recbuf with non-default value' do let(:params) do { tcp_recbuf: 128 } end it 'sets tcp_listen_options recbuf to 128' do is_expected.to contain_file('rabbitmq.config'). \ with_content(%r{\{recbuf, 128\}}) end end describe 'rabbitmq-heartbeat options' do let(:params) { { heartbeat: 60 } } it 'sets heartbeat paramter in config file' do is_expected.to contain_file('rabbitmq.config'). \ with_content(%r{\{heartbeat, 60\}}) end end context 'delete_guest_user' do describe 'should do nothing by default' do it { is_expected.not_to contain_rabbitmq_user('guest') } end describe 'delete user when delete_guest_user set' do let(:params) { { delete_guest_user: true } } it 'removes the user' do is_expected.to contain_rabbitmq_user('guest').with( 'ensure' => 'absent', 'provider' => 'rabbitmqctl' ) end end end describe 'rabbitmq-loopback_users by default' do it 'sets the loopback_users parameter in the config file' do is_expected.to contain_file('rabbitmq.config'). \ with_content(%r{\{loopback_users, \[<<"guest">>\]\}}) end end describe 'rabbitmq-loopback_users allow connections via loopback interfaces' do let(:params) { { loopback_users: [] } } it 'sets the loopback_users parameter in the config file' do is_expected.to contain_file('rabbitmq.config'). \ with_content(%r{\{loopback_users, \[\]\}}) end end describe 'rabbitmq-loopback_users allow connections via loopback interfaces to a group of users' do let(:params) { { loopback_users: %w[user1 user2] } } it 'sets the loopback_users parameter in the config file' do is_expected.to contain_file('rabbitmq.config'). \ with_content(%r{\{loopback_users, \[<<\"user1\">>, <<\"user2\">>\]\}}) end end ## ## rabbitmq::service ## describe 'service with default params' do it { is_expected.to contain_service('rabbitmq-server').with( 'ensure' => 'running', 'enable' => 'true', 'hasstatus' => 'true', 'hasrestart' => 'true', 'name' => name ) } end context 'on systems with systemd', if: facts[:systemd] do it do is_expected.to contain_service('rabbitmq-server'). that_requires('Class[systemd::systemctl::daemon_reload]') end end describe 'service with ensure stopped' do let :params do { service_ensure: 'stopped' } end it { is_expected.to contain_service('rabbitmq-server').with( 'ensure' => 'stopped', 'enable' => false ) } end describe 'service with service_manage equal to false' do let :params do { service_manage: false } end it { is_expected.not_to contain_service('rabbitmq-server') } end end end end diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb index e02626a..15d3e68 100644 --- a/spec/spec_helper.rb +++ b/spec/spec_helper.rb @@ -1,26 +1,23 @@ -# This file is managed via modulesync -# https://github.com/voxpupuli/modulesync -# https://github.com/voxpupuli/modulesync_config +# Managed by modulesync - DO NOT EDIT +# https://voxpupuli.org/docs/updating-files-managed-with-modulesync/ RSpec.configure do |c| c.mock_with :mocha end # puppetlabs_spec_helper will set up coverage if the env variable is set. # We want to do this if lib exists and it hasn't been explicitly set. ENV['COVERAGE'] ||= 'yes' if Dir.exist?(File.expand_path('../../lib', __FILE__)) require 'voxpupuli/test/spec_helper' -add_mocked_facts! - if File.exist?(File.join(__dir__, 'default_module_facts.yml')) facts = YAML.safe_load(File.read(File.join(__dir__, 'default_module_facts.yml'))) if facts facts.each do |name, value| add_custom_fact name.to_sym, value end end end require 'spec_helper_local'