diff --git a/.github/workflows/nightly.yml b/.github/workflows/nightly.yml index d59437aa..4021da76 100644 --- a/.github/workflows/nightly.yml +++ b/.github/workflows/nightly.yml @@ -1,230 +1,217 @@ name: "nightly" on: schedule: - cron: '0 0 * * *' env: HONEYCOMB_WRITEKEY: 7f3c63a70eecc61d635917de46bea4e6 HONEYCOMB_DATASET: litmus tests jobs: setup_matrix: name: "Setup Test Matrix" runs-on: ubuntu-20.04 outputs: matrix: ${{ steps.get-matrix.outputs.matrix }} steps: - name: "Honeycomb: Start recording" - uses: kvrhdn/gha-buildevents@v1.0.2 + uses: kvrhdn/gha-buildevents@5be4636b81803713c94d7cb7e3a4b85d759df112 # pin@v1.0.2 with: apikey: ${{ env.HONEYCOMB_WRITEKEY }} dataset: ${{ env.HONEYCOMB_DATASET }} job-status: ${{ job.status }} - name: "Honeycomb: Start first step" run: | echo STEP_ID=0 >> $GITHUB_ENV echo STEP_START=$(date +%s) >> $GITHUB_ENV - name: Checkout Source uses: actions/checkout@v2 if: ${{ github.repository_owner == 'puppetlabs' }} - name: Activate Ruby 2.7 uses: actions/setup-ruby@v1 if: ${{ github.repository_owner == 'puppetlabs' }} with: ruby-version: "2.7" - name: Cache gems uses: actions/cache@v2 if: ${{ github.repository_owner == 'puppetlabs' }} with: path: vendor/gems key: ${{ runner.os }}-${{ github.event_name }}-${{ hashFiles('**/Gemfile') }} restore-keys: | ${{ runner.os }}-${{ github.event_name }}- ${{ runner.os }}- - name: Install gems if: ${{ github.repository_owner == 'puppetlabs' }} run: | buildevents cmd $TRACE_ID $STEP_ID 'bundle config path vendor/gems' -- bundle config path vendor/gems buildevents cmd $TRACE_ID $STEP_ID 'bundle config jobs 8' -- bundle config jobs 8 buildevents cmd $TRACE_ID $STEP_ID 'bundle config retry 3' -- bundle config retry 3 buildevents cmd $TRACE_ID $STEP_ID 'bundle install' -- bundle install buildevents cmd $TRACE_ID $STEP_ID 'bundle clean' -- bundle clean - name: Setup Acceptance Test Matrix id: get-matrix if: ${{ github.repository_owner == 'puppetlabs' }} run: | if [ '${{ github.repository_owner }}' == 'puppetlabs' ]; then buildevents cmd $TRACE_ID $STEP_ID matrix_from_metadata -- bundle exec matrix_from_metadata else echo "::set-output name=matrix::{}" fi - name: "Honeycomb: Record setup time" if: ${{ always() }} run: | buildevents step $TRACE_ID $STEP_ID $STEP_START 'Setup Test Matrix' Acceptance: needs: - setup_matrix runs-on: ubuntu-20.04 strategy: fail-fast: false matrix: ${{fromJson(needs.setup_matrix.outputs.matrix)}} env: BUILDEVENT_FILE: '../buildevents.txt' steps: - run: | echo 'platform=${{ matrix.platform }}' >> $BUILDEVENT_FILE echo 'collection=${{ matrix.collection }}' >> $BUILDEVENT_FILE - name: "Honeycomb: Start recording" - uses: kvrhdn/gha-buildevents@v1.0.2 + uses: kvrhdn/gha-buildevents@5be4636b81803713c94d7cb7e3a4b85d759df112 # pin@v1.0.2 with: apikey: ${{ env.HONEYCOMB_WRITEKEY }} dataset: ${{ env.HONEYCOMB_DATASET }} job-status: ${{ job.status }} matrix-key: ${{ matrix.platform }}-${{ matrix.collection }} - name: "Honeycomb: start first step" run: | echo STEP_ID=${{ matrix.platform }}-${{ matrix.collection }}-1 >> $GITHUB_ENV echo STEP_START=$(date +%s) >> $GITHUB_ENV - name: Checkout Source uses: actions/checkout@v2 - name: Activate Ruby 2.7 uses: actions/setup-ruby@v1 with: ruby-version: "2.7" - name: Cache gems uses: actions/cache@v2 with: path: vendor/gems key: ${{ runner.os }}-${{ github.event_name }}-${{ hashFiles('**/Gemfile') }} restore-keys: | ${{ runner.os }}-${{ github.event_name }}- ${{ runner.os }}- - name: "Honeycomb: Record cache setup time" if: ${{ always() }} run: | buildevents step $TRACE_ID $STEP_ID $STEP_START 'Cache retrieval' echo STEP_ID=${{ matrix.platform }}-${{ matrix.collection }}-2 >> $GITHUB_ENV echo STEP_START=$(date +%s) >> $GITHUB_ENV - name: Bundler Setup run: | buildevents cmd $TRACE_ID $STEP_ID 'bundle config path vendor/gems' -- bundle config path vendor/gems buildevents cmd $TRACE_ID $STEP_ID 'bundle config jobs 8' -- bundle config jobs 8 buildevents cmd $TRACE_ID $STEP_ID 'bundle config retry 3' -- bundle config retry 3 buildevents cmd $TRACE_ID $STEP_ID 'bundle install' -- bundle install buildevents cmd $TRACE_ID $STEP_ID 'bundle clean' -- bundle clean echo ::group::bundler environment buildevents cmd $TRACE_ID $STEP_ID 'bundle env' -- bundle env echo ::endgroup:: - name: "Honeycomb: Record Bundler Setup time" if: ${{ always() }} run: | buildevents step $TRACE_ID $STEP_ID $STEP_START 'Bundler Setup' echo STEP_ID=${{ matrix.platform }}-${{ matrix.collection }}-3 >> $GITHUB_ENV echo STEP_START=$(date +%s) >> $GITHUB_ENV - name: Provision test environment run: | buildevents cmd $TRACE_ID $STEP_ID 'rake litmus:provision ${{ matrix.platform }}' -- bundle exec rake 'litmus:provision[provision::provision_service,${{ matrix.platform }}]' echo ::group::=== REQUEST === cat request.json || true echo echo ::endgroup:: echo ::group::=== INVENTORY === sed -e 's/password: .*/password: "[redacted]"/' < inventory.yaml || true echo ::endgroup:: - # The provision service hands out machines as soon as they're provisioned. - # The GCP VMs might still take a while to spool up and configure themselves fully. - # This retry loop spins until all agents have been installed successfully. - name: Install agent - uses: nick-invision/retry@v1 - with: - timeout_minutes: 30 - max_attempts: 5 - retry_wait_seconds: 60 - command: buildevents cmd $TRACE_ID $STEP_ID 'rake litmus:install_agent ${{ matrix.collection }}' -- bundle exec rake 'litmus:install_agent[${{ matrix.collection }}]' + run: | + buildevents cmd $TRACE_ID $STEP_ID 'rake litmus:install_agent ${{ matrix.collection }}' -- bundle exec rake 'litmus:install_agent[${{ matrix.collection }}]' - # The agent installer on windows does not finish in time for this to work. To - # work around this for now, retry after a minute if installing the module failed. - name: Install module - uses: nick-invision/retry@v1 - with: - timeout_minutes: 30 - max_attempts: 2 - retry_wait_seconds: 60 - command: buildevents cmd $TRACE_ID $STEP_ID 'rake litmus:install_module' -- bundle exec rake 'litmus:install_module' + run: | + buildevents cmd $TRACE_ID $STEP_ID 'rake litmus:install_module' -- bundle exec rake 'litmus:install_module' - name: "Honeycomb: Record deployment times" if: ${{ always() }} run: | echo ::group::honeycomb step buildevents step $TRACE_ID $STEP_ID $STEP_START 'Deploy test system' echo STEP_ID=${{ matrix.platform }}-${{ matrix.collection }}-4 >> $GITHUB_ENV echo STEP_START=$(date +%s) >> $GITHUB_ENV echo ::endgroup:: - name: Run acceptance tests run: | buildevents cmd $TRACE_ID $STEP_ID 'rake litmus:acceptance:parallel' -- bundle exec rake 'litmus:acceptance:parallel' - name: "Honeycomb: Record acceptance testing times" if: ${{ always() }} run: | buildevents step $TRACE_ID $STEP_ID $STEP_START 'Run acceptance tests' echo STEP_ID=${{ matrix.platform }}-${{ matrix.collection }}-5 >> $GITHUB_ENV echo STEP_START=$(date +%s) >> $GITHUB_ENV - name: Remove test environment if: ${{ always() }} run: | if [ -f inventory.yaml ]; then buildevents cmd $TRACE_ID $STEP_ID 'rake litmus:tear_down' -- bundle exec rake 'litmus:tear_down' echo ::group::=== REQUEST === cat request.json || true echo echo ::endgroup:: fi - name: "Honeycomb: Record removal times" if: ${{ always() }} run: | buildevents step $TRACE_ID $STEP_ID $STEP_START 'Remove test environment' slack-workflow-status: if: always() name: Post Workflow Status To Slack needs: - Acceptance runs-on: ubuntu-20.04 steps: - name: Slack Workflow Notification - uses: Gamesight/slack-workflow-status@master + uses: Gamesight/slack-workflow-status@88ee95b73b4669825883ddf22747966204663e58 # pin@master with: # Required Input repo_token: ${{ secrets.GITHUB_TOKEN }} slack_webhook_url: ${{ secrets.SLACK_WEBHOOK }} # Optional Input channel: '#team-ia-bots' name: 'GABot' diff --git a/.github/workflows/pr_test.yml b/.github/workflows/pr_test.yml index 17f5a649..2b5ab1f5 100644 --- a/.github/workflows/pr_test.yml +++ b/.github/workflows/pr_test.yml @@ -1,211 +1,198 @@ name: "PR Testing" on: [pull_request] env: HONEYCOMB_WRITEKEY: 7f3c63a70eecc61d635917de46bea4e6 HONEYCOMB_DATASET: litmus tests jobs: setup_matrix: name: "Setup Test Matrix" runs-on: ubuntu-20.04 outputs: matrix: ${{ steps.get-matrix.outputs.matrix }} steps: - name: "Honeycomb: Start recording" - uses: kvrhdn/gha-buildevents@v1.0.2 + uses: kvrhdn/gha-buildevents@5be4636b81803713c94d7cb7e3a4b85d759df112 # pin@v1.0.2 with: apikey: ${{ env.HONEYCOMB_WRITEKEY }} dataset: ${{ env.HONEYCOMB_DATASET }} job-status: ${{ job.status }} - name: "Honeycomb: Start first step" run: | echo STEP_ID=0 >> $GITHUB_ENV echo STEP_START=$(date +%s) >> $GITHUB_ENV - name: Checkout Source uses: actions/checkout@v2 if: ${{ github.repository_owner == 'puppetlabs' }} - name: Activate Ruby 2.7 uses: actions/setup-ruby@v1 if: ${{ github.repository_owner == 'puppetlabs' }} with: ruby-version: "2.7" - name: Cache gems uses: actions/cache@v2 if: ${{ github.repository_owner == 'puppetlabs' }} with: path: vendor/gems key: ${{ runner.os }}-${{ github.event_name }}-${{ hashFiles('**/Gemfile') }} restore-keys: | ${{ runner.os }}-${{ github.event_name }}- ${{ runner.os }}- - name: Install gems if: ${{ github.repository_owner == 'puppetlabs' }} run: | buildevents cmd $TRACE_ID $STEP_ID 'bundle config path vendor/gems' -- bundle config path vendor/gems buildevents cmd $TRACE_ID $STEP_ID 'bundle config jobs 8' -- bundle config jobs 8 buildevents cmd $TRACE_ID $STEP_ID 'bundle config retry 3' -- bundle config retry 3 buildevents cmd $TRACE_ID $STEP_ID 'bundle install' -- bundle install buildevents cmd $TRACE_ID $STEP_ID 'bundle clean' -- bundle clean - name: Setup Acceptance Test Matrix id: get-matrix if: ${{ github.repository_owner == 'puppetlabs' }} run: | if [ '${{ github.repository_owner }}' == 'puppetlabs' ]; then buildevents cmd $TRACE_ID $STEP_ID matrix_from_metadata -- bundle exec matrix_from_metadata else echo "::set-output name=matrix::{}" fi - name: "Honeycomb: Record setup time" if: ${{ always() }} run: | buildevents step $TRACE_ID $STEP_ID $STEP_START 'Setup Test Matrix' Acceptance: needs: - setup_matrix runs-on: ubuntu-20.04 strategy: fail-fast: false matrix: ${{fromJson(needs.setup_matrix.outputs.matrix)}} env: BUILDEVENT_FILE: '../buildevents.txt' steps: - run: | echo 'platform=${{ matrix.platform }}' >> $BUILDEVENT_FILE echo 'collection=${{ matrix.collection }}' >> $BUILDEVENT_FILE - name: "Honeycomb: Start recording" - uses: kvrhdn/gha-buildevents@v1.0.2 + uses: kvrhdn/gha-buildevents@5be4636b81803713c94d7cb7e3a4b85d759df112 # pin@v1.0.2 with: apikey: ${{ env.HONEYCOMB_WRITEKEY }} dataset: ${{ env.HONEYCOMB_DATASET }} job-status: ${{ job.status }} matrix-key: ${{ matrix.platform }}-${{ matrix.collection }} - name: "Honeycomb: start first step" run: | echo STEP_ID=${{ matrix.platform }}-${{ matrix.collection }}-1 >> $GITHUB_ENV echo STEP_START=$(date +%s) >> $GITHUB_ENV - name: Checkout Source uses: actions/checkout@v2 - name: Activate Ruby 2.7 uses: actions/setup-ruby@v1 with: ruby-version: "2.7" - name: Cache gems uses: actions/cache@v2 with: path: vendor/gems key: ${{ runner.os }}-${{ github.event_name }}-${{ hashFiles('**/Gemfile') }} restore-keys: | ${{ runner.os }}-${{ github.event_name }}- ${{ runner.os }}- - name: "Honeycomb: Record cache setup time" if: ${{ always() }} run: | buildevents step $TRACE_ID $STEP_ID $STEP_START 'Cache retrieval' echo STEP_ID=${{ matrix.platform }}-${{ matrix.collection }}-2 >> $GITHUB_ENV echo STEP_START=$(date +%s) >> $GITHUB_ENV - name: Bundler Setup run: | buildevents cmd $TRACE_ID $STEP_ID 'bundle config path vendor/gems' -- bundle config path vendor/gems buildevents cmd $TRACE_ID $STEP_ID 'bundle config jobs 8' -- bundle config jobs 8 buildevents cmd $TRACE_ID $STEP_ID 'bundle config retry 3' -- bundle config retry 3 buildevents cmd $TRACE_ID $STEP_ID 'bundle install' -- bundle install buildevents cmd $TRACE_ID $STEP_ID 'bundle clean' -- bundle clean echo ::group::bundler environment buildevents cmd $TRACE_ID $STEP_ID 'bundle env' -- bundle env echo ::endgroup:: - name: "Honeycomb: Record Bundler Setup time" if: ${{ always() }} run: | buildevents step $TRACE_ID $STEP_ID $STEP_START 'Bundler Setup' echo STEP_ID=${{ matrix.platform }}-${{ matrix.collection }}-3 >> $GITHUB_ENV echo STEP_START=$(date +%s) >> $GITHUB_ENV - name: Provision test environment run: | buildevents cmd $TRACE_ID $STEP_ID 'rake litmus:provision ${{ matrix.platform }}' -- bundle exec rake 'litmus:provision[provision::provision_service,${{ matrix.platform }}]' echo ::group::=== REQUEST === cat request.json || true echo echo ::endgroup:: echo ::group::=== INVENTORY === sed -e 's/password: .*/password: "[redacted]"/' < inventory.yaml || true echo ::endgroup:: - # The provision service hands out machines as soon as they're provisioned. - # The GCP VMs might still take a while to spool up and configure themselves fully. - # This retry loop spins until all agents have been installed successfully. - name: Install agent - uses: nick-invision/retry@v1 - with: - timeout_minutes: 30 - max_attempts: 5 - retry_wait_seconds: 60 - command: buildevents cmd $TRACE_ID $STEP_ID 'rake litmus:install_agent ${{ matrix.collection }}' -- bundle exec rake 'litmus:install_agent[${{ matrix.collection }}]' + run: | + buildevents cmd $TRACE_ID $STEP_ID 'rake litmus:install_agent ${{ matrix.collection }}' -- bundle exec rake 'litmus:install_agent[${{ matrix.collection }}]' - # The agent installer on windows does not finish in time for this to work. To - # work around this for now, retry after a minute if installing the module failed. - name: Install module - uses: nick-invision/retry@v1 - with: - timeout_minutes: 30 - max_attempts: 2 - retry_wait_seconds: 60 - command: buildevents cmd $TRACE_ID $STEP_ID 'rake litmus:install_module' -- bundle exec rake 'litmus:install_module' + run: | + buildevents cmd $TRACE_ID $STEP_ID 'rake litmus:install_module' -- bundle exec rake 'litmus:install_module' - name: "Honeycomb: Record deployment times" if: ${{ always() }} run: | echo ::group::honeycomb step buildevents step $TRACE_ID $STEP_ID $STEP_START 'Deploy test system' echo STEP_ID=${{ matrix.platform }}-${{ matrix.collection }}-4 >> $GITHUB_ENV echo STEP_START=$(date +%s) >> $GITHUB_ENV echo ::endgroup:: - name: Run acceptance tests run: | buildevents cmd $TRACE_ID $STEP_ID 'rake litmus:acceptance:parallel' -- bundle exec rake 'litmus:acceptance:parallel' - name: "Honeycomb: Record acceptance testing times" if: ${{ always() }} run: | buildevents step $TRACE_ID $STEP_ID $STEP_START 'Run acceptance tests' echo STEP_ID=${{ matrix.platform }}-${{ matrix.collection }}-5 >> $GITHUB_ENV echo STEP_START=$(date +%s) >> $GITHUB_ENV - name: Remove test environment if: ${{ always() }} run: | if [ -f inventory.yaml ]; then buildevents cmd $TRACE_ID $STEP_ID 'rake litmus:tear_down' -- bundle exec rake 'litmus:tear_down' echo ::group::=== REQUEST === cat request.json || true echo echo ::endgroup:: fi - name: "Honeycomb: Record removal times" if: ${{ always() }} run: | buildevents step $TRACE_ID $STEP_ID $STEP_START 'Remove test environment' diff --git a/.rubocop.yml b/.rubocop.yml index b7c972b2..3479f61a 100644 --- a/.rubocop.yml +++ b/.rubocop.yml @@ -1,138 +1,539 @@ --- require: +- rubocop-performance - rubocop-rspec -- rubocop-i18n AllCops: DisplayCopNames: true - TargetRubyVersion: '2.1' + TargetRubyVersion: '2.4' Include: - - "./**/*.rb" + - "**/*.rb" Exclude: - bin/* - ".vendor/**/*" - "**/Gemfile" - "**/Rakefile" - pkg/**/* - spec/fixtures/**/* - vendor/**/* - "**/Puppetfile" - "**/Vagrantfile" - "**/Guardfile" -Metrics/LineLength: +inherit_from: ".rubocop_todo.yml" +Layout/LineLength: Description: People have wide screens, use them. Max: 200 -GetText: - Enabled: false -GetText/DecorateString: - Description: We don't want to decorate test output. - Exclude: - - spec/**/* - Enabled: false RSpec/BeforeAfterAll: Description: Beware of using after(:all) as it may cause state to leak between tests. A necessary evil in acceptance testing. Exclude: - spec/acceptance/**/*.rb RSpec/HookArgument: Description: Prefer explicit :each argument, matching existing module's style EnforcedStyle: each Style/BlockDelimiters: Description: Prefer braces for chaining. Mostly an aesthetical choice. Better to be consistent then. EnforcedStyle: braces_for_chaining -Style/BracesAroundHashParameters: - Description: Braces are required by Ruby 2.7. Cop removed from RuboCop v0.80.0. - See https://github.com/rubocop-hq/rubocop/pull/7643 - Enabled: false Style/ClassAndModuleChildren: Description: Compact style reduces the required amount of indentation. EnforcedStyle: compact Style/EmptyElse: Description: Enforce against empty else clauses, but allow `nil` for clarity. EnforcedStyle: empty Style/FormatString: Description: Following the main puppet project's style, prefer the % format format. EnforcedStyle: percent Style/FormatStringToken: Description: Following the main puppet project's style, prefer the simpler template tokens over annotated ones. EnforcedStyle: template Style/Lambda: Description: Prefer the keyword for easier discoverability. EnforcedStyle: literal Style/RegexpLiteral: Description: Community preference. See https://github.com/voxpupuli/modulesync_config/issues/168 EnforcedStyle: percent_r Style/TernaryParentheses: Description: Checks for use of parentheses around ternary conditions. Enforce parentheses on complex expressions for better readability, but seriously consider breaking it up. EnforcedStyle: require_parentheses_when_complex Style/TrailingCommaInArguments: Description: Prefer always trailing comma on multiline argument lists. This makes diffs, and re-ordering nicer. EnforcedStyleForMultiline: comma -Style/TrailingCommaInLiteral: +Style/TrailingCommaInArrayLiteral: Description: Prefer always trailing comma on multiline literals. This makes diffs, and re-ordering nicer. EnforcedStyleForMultiline: comma Style/SymbolArray: Description: Using percent style obscures symbolic intent of array's contents. EnforcedStyle: brackets -inherit_from: ".rubocop_todo.yml" RSpec/MessageSpies: EnforcedStyle: receive Style/Documentation: Exclude: - lib/puppet/parser/functions/**/* - spec/**/* Style/WordArray: EnforcedStyle: brackets +Performance/AncestorsInclude: + Enabled: true +Performance/BigDecimalWithNumericArgument: + Enabled: true +Performance/BlockGivenWithExplicitBlock: + Enabled: true +Performance/Caller: + Enabled: true +Performance/CaseWhenSplat: + Enabled: true +Performance/Casecmp: + Enabled: true +Performance/CollectionLiteralInLoop: + Exclude: + - spec/**/* + Enabled: true +Performance/CompareWithBlock: + Enabled: true +Performance/ConstantRegexp: + Enabled: true +Performance/Count: + Enabled: true +Performance/Detect: + Enabled: true +Performance/DoubleStartEndWith: + Enabled: true +Performance/EndWith: + Enabled: true +Performance/FixedSize: + Enabled: true +Performance/FlatMap: + Enabled: true +Performance/MethodObjectAsBlock: + Enabled: true +Performance/RangeInclude: + Enabled: true +Performance/RedundantBlockCall: + Enabled: true +Performance/RedundantMatch: + Enabled: true +Performance/RedundantMerge: + Enabled: true +Performance/RedundantSortBlock: + Enabled: true +Performance/RedundantStringChars: + Enabled: true +Performance/RegexpMatch: + Enabled: true +Performance/ReverseEach: + Enabled: true +Performance/ReverseFirst: + Enabled: true +Performance/Size: + Enabled: true +Performance/SortReverse: + Enabled: true +Performance/Squeeze: + Enabled: true +Performance/StartWith: + Enabled: true +Performance/StringInclude: + Enabled: true +Performance/StringReplacement: + Enabled: true +Performance/Sum: + Enabled: true +Performance/TimesMap: + Enabled: true Style/CollectionMethods: Enabled: true Style/MethodCalledOnDoEndBlock: Enabled: true Style/StringMethods: Enabled: true -GetText/DecorateFunctionMessage: +Bundler/InsecureProtocolSource: + Enabled: false +Gemspec/DuplicatedAssignment: + Enabled: false +Gemspec/OrderedDependencies: + Enabled: false +Gemspec/RequiredRubyVersion: + Enabled: false +Gemspec/RubyVersionGlobalsUsage: + Enabled: false +Layout/ArgumentAlignment: + Enabled: false +Layout/BeginEndAlignment: Enabled: false -GetText/DecorateStringFormattingUsingInterpolation: +Layout/ClosingHeredocIndentation: Enabled: false -GetText/DecorateStringFormattingUsingPercent: +Layout/EmptyComment: + Enabled: false +Layout/EmptyLineAfterGuardClause: + Enabled: false +Layout/EmptyLinesAroundArguments: + Enabled: false +Layout/EmptyLinesAroundAttributeAccessor: Enabled: false Layout/EndOfLine: Enabled: false -Layout/IndentHeredoc: +Layout/FirstArgumentIndentation: + Enabled: false +Layout/HashAlignment: + Enabled: false +Layout/HeredocIndentation: + Enabled: false +Layout/LeadingEmptyLines: + Enabled: false +Layout/SpaceAroundMethodCallOperator: + Enabled: false +Layout/SpaceInsideArrayLiteralBrackets: + Enabled: false +Layout/SpaceInsideReferenceBrackets: + Enabled: false +Lint/BigDecimalNew: + Enabled: false +Lint/BooleanSymbol: + Enabled: false +Lint/ConstantDefinitionInBlock: + Enabled: false +Lint/DeprecatedOpenSSLConstant: + Enabled: false +Lint/DisjunctiveAssignmentInConstructor: + Enabled: false +Lint/DuplicateBranch: + Enabled: false +Lint/DuplicateElsifCondition: + Enabled: false +Lint/DuplicateRegexpCharacterClassElement: + Enabled: false +Lint/DuplicateRequire: + Enabled: false +Lint/DuplicateRescueException: + Enabled: false +Lint/EmptyBlock: + Enabled: false +Lint/EmptyClass: + Enabled: false +Lint/EmptyConditionalBody: + Enabled: false +Lint/EmptyFile: + Enabled: false +Lint/ErbNewArguments: + Enabled: false +Lint/FloatComparison: + Enabled: false +Lint/HashCompareByIdentity: + Enabled: false +Lint/IdentityComparison: + Enabled: false +Lint/InterpolationCheck: + Enabled: false +Lint/MissingCopEnableDirective: + Enabled: false +Lint/MixedRegexpCaptureTypes: + Enabled: false +Lint/NestedPercentLiteral: + Enabled: false +Lint/NoReturnInBeginEndBlocks: + Enabled: false +Lint/NonDeterministicRequireOrder: + Enabled: false +Lint/OrderedMagicComments: + Enabled: false +Lint/OutOfRangeRegexpRef: + Enabled: false +Lint/RaiseException: + Enabled: false +Lint/RedundantCopEnableDirective: + Enabled: false +Lint/RedundantRequireStatement: + Enabled: false +Lint/RedundantSafeNavigation: + Enabled: false +Lint/RedundantWithIndex: + Enabled: false +Lint/RedundantWithObject: + Enabled: false +Lint/RegexpAsCondition: + Enabled: false +Lint/ReturnInVoidContext: + Enabled: false +Lint/SafeNavigationConsistency: + Enabled: false +Lint/SafeNavigationWithEmpty: + Enabled: false +Lint/SelfAssignment: + Enabled: false +Lint/SendWithMixinArgument: + Enabled: false +Lint/ShadowedArgument: + Enabled: false +Lint/StructNewOverride: + Enabled: false +Lint/ToEnumArguments: + Enabled: false +Lint/ToJSON: + Enabled: false +Lint/TopLevelReturnWithArgument: + Enabled: false +Lint/TrailingCommaInAttributeDeclaration: + Enabled: false +Lint/UnexpectedBlockArity: + Enabled: false +Lint/UnmodifiedReduceAccumulator: + Enabled: false +Lint/UnreachableLoop: + Enabled: false +Lint/UriEscapeUnescape: + Enabled: false +Lint/UriRegexp: + Enabled: false +Lint/UselessMethodDefinition: + Enabled: false +Lint/UselessTimes: Enabled: false Metrics/AbcSize: Enabled: false Metrics/BlockLength: Enabled: false Metrics/ClassLength: Enabled: false Metrics/CyclomaticComplexity: Enabled: false Metrics/MethodLength: Enabled: false Metrics/ModuleLength: Enabled: false Metrics/ParameterLists: Enabled: false Metrics/PerceivedComplexity: Enabled: false +Migration/DepartmentName: + Enabled: false +Naming/AccessorMethodName: + Enabled: false +Naming/BlockParameterName: + Enabled: false +Naming/HeredocDelimiterCase: + Enabled: false +Naming/HeredocDelimiterNaming: + Enabled: false +Naming/MemoizedInstanceVariableName: + Enabled: false +Naming/MethodParameterName: + Enabled: false +Naming/RescuedExceptionsVariableName: + Enabled: false +RSpec/Be: + Enabled: false +RSpec/Capybara/CurrentPathExpectation: + Enabled: false +RSpec/Capybara/FeatureMethods: + Enabled: false +RSpec/Capybara/VisibilityMatcher: + Enabled: false +RSpec/ContextMethod: + Enabled: false +RSpec/ContextWording: + Enabled: false RSpec/DescribeClass: Enabled: false +RSpec/EmptyHook: + Enabled: false +RSpec/EmptyLineAfterExample: + Enabled: false +RSpec/EmptyLineAfterExampleGroup: + Enabled: false +RSpec/EmptyLineAfterHook: + Enabled: false RSpec/ExampleLength: Enabled: false -RSpec/MessageExpectation: +RSpec/ExampleWithoutDescription: + Enabled: false +RSpec/ExpectChange: + Enabled: false +RSpec/ExpectInHook: + Enabled: false +RSpec/FactoryBot/AttributeDefinedStatically: + Enabled: false +RSpec/FactoryBot/CreateList: + Enabled: false +RSpec/FactoryBot/FactoryClassName: + Enabled: false +RSpec/HooksBeforeExamples: + Enabled: false +RSpec/ImplicitBlockExpectation: + Enabled: false +RSpec/ImplicitSubject: + Enabled: false +RSpec/LeakyConstantDeclaration: + Enabled: false +RSpec/LetBeforeExamples: + Enabled: false +RSpec/MissingExampleGroupArgument: Enabled: false RSpec/MultipleExpectations: Enabled: false +RSpec/MultipleMemoizedHelpers: + Enabled: false +RSpec/MultipleSubjects: + Enabled: false RSpec/NestedGroups: Enabled: false +RSpec/PredicateMatcher: + Enabled: false +RSpec/ReceiveCounts: + Enabled: false +RSpec/ReceiveNever: + Enabled: false +RSpec/RepeatedExampleGroupBody: + Enabled: false +RSpec/RepeatedExampleGroupDescription: + Enabled: false +RSpec/RepeatedIncludeExample: + Enabled: false +RSpec/ReturnFromStub: + Enabled: false +RSpec/SharedExamples: + Enabled: false +RSpec/StubbedMock: + Enabled: false +RSpec/UnspecifiedException: + Enabled: false +RSpec/VariableDefinition: + Enabled: false +RSpec/VoidExpect: + Enabled: false +RSpec/Yield: + Enabled: false +Security/Open: + Enabled: false +Style/AccessModifierDeclarations: + Enabled: false +Style/AccessorGrouping: + Enabled: false +Style/ArgumentsForwarding: + Enabled: false Style/AsciiComments: Enabled: false +Style/BisectedAttrAccessor: + Enabled: false +Style/CaseLikeIf: + Enabled: false +Style/ClassEqualityComparison: + Enabled: false +Style/CollectionCompact: + Enabled: false +Style/ColonMethodDefinition: + Enabled: false +Style/CombinableLoops: + Enabled: false +Style/CommentedKeyword: + Enabled: false +Style/Dir: + Enabled: false +Style/DocumentDynamicEvalDefinition: + Enabled: false +Style/DoubleCopDisableDirective: + Enabled: false +Style/EmptyBlockParameter: + Enabled: false +Style/EmptyLambdaParameter: + Enabled: false +Style/Encoding: + Enabled: false +Style/EvalWithLocation: + Enabled: false +Style/ExpandPathArguments: + Enabled: false +Style/ExplicitBlockArgument: + Enabled: false +Style/ExponentialNotation: + Enabled: false +Style/FloatDivision: + Enabled: false +Style/GlobalStdStream: + Enabled: false +Style/HashAsLastArrayItem: + Enabled: false +Style/HashLikeCase: + Enabled: false +Style/HashTransformKeys: + Enabled: false +Style/HashTransformValues: + Enabled: false Style/IfUnlessModifier: Enabled: false +Style/KeywordParametersOrder: + Enabled: false +Style/MinMax: + Enabled: false +Style/MixinUsage: + Enabled: false +Style/MultilineWhenThen: + Enabled: false +Style/NegatedIfElseCondition: + Enabled: false +Style/NegatedUnless: + Enabled: false +Style/NilLambda: + Enabled: false +Style/NumericPredicate: + Enabled: false +Style/OptionalBooleanParameter: + Enabled: false +Style/OrAssignment: + Enabled: false +Style/RandomWithOffset: + Enabled: false +Style/RedundantArgument: + Enabled: false +Style/RedundantAssignment: + Enabled: false +Style/RedundantCondition: + Enabled: false +Style/RedundantConditional: + Enabled: false +Style/RedundantFetchBlock: + Enabled: false +Style/RedundantFileExtensionInRequire: + Enabled: false +Style/RedundantRegexpCharacterClass: + Enabled: false +Style/RedundantRegexpEscape: + Enabled: false +Style/RedundantSelfAssignment: + Enabled: false +Style/RedundantSort: + Enabled: false +Style/RescueStandardError: + Enabled: false +Style/SingleArgumentDig: + Enabled: false +Style/SlicingWithRange: + Enabled: false +Style/SoleNestedConditional: + Enabled: false +Style/StderrPuts: + Enabled: false +Style/StringConcatenation: + Enabled: false +Style/Strip: + Enabled: false +Style/SwapValues: + Enabled: false Style/SymbolProc: Enabled: false +Style/TrailingBodyOnClass: + Enabled: false +Style/TrailingBodyOnMethodDefinition: + Enabled: false +Style/TrailingBodyOnModule: + Enabled: false +Style/TrailingCommaInHashLiteral: + Enabled: false +Style/TrailingMethodEndStatement: + Enabled: false +Style/UnpackFirst: + Enabled: false diff --git a/.sync.yml b/.sync.yml index e34552f8..76e37157 100644 --- a/.sync.yml +++ b/.sync.yml @@ -1,59 +1,52 @@ --- ".gitlab-ci.yml": delete: true ".rubocop.yml": - default_configs: - inherit_from: ".rubocop_todo.yml" + include_todos: true ".travis.yml": - global_env: + global_env: - HONEYCOMB_WRITEKEY="7f3c63a70eecc61d635917de46bea4e6",HONEYCOMB_DATASET="litmus tests" deploy_to_forge: enabled: false secure: '' branches: - release use_litmus: true litmus: provision_list: - ---travis_el - travis_deb - travis_el7 - travis_el8 complex: - collection: puppet_collection: - puppet6 provision_list: - travis_ub_6 - collection: puppet_collection: - puppet5 provision_list: - travis_ub_5 simplecov: true notifications: slack: secure: MrXQwGIUO7WNmLbe7iiWgURiZPUgyvDLkKe3d9S58ohE6gdN6pqlsjP8YgodK8JmIBV1zp5Wj/0cXUmY3xvCtnDmII0DCEk2Y1Cs/W1drKZtS/0BsUpJkj0rDP2fSlKsY5ifESdEta/y8+NkjRnqadbl7SQPYeek4IjAfxjjuig= appveyor.yml: delete: true Gemfile: optional: ":development": - gem: github_changelog_generator - git: https://github.com/skywinder/github-changelog-generator - ref: 20ee04ba1234e9e83eb2ffb5056e23d641c7a018 - condition: Gem::Version.new(RUBY_VERSION.dup) >= Gem::Version.new('2.2.2') -Rakefile: - requires: - - puppet-lint/tasks/puppet-lint spec/spec_helper.rb: mock_with: ":rspec" coverage_report: true .gitpod.Dockerfile: unmanaged: false .gitpod.yml: unmanaged: false .github/workflows/nightly.yml: unmanaged: false .github/workflows/pr_test.yml: unmanaged: false diff --git a/.travis.yml b/.travis.yml index c08233a4..52dc74b7 100644 --- a/.travis.yml +++ b/.travis.yml @@ -1,137 +1,129 @@ --- os: linux dist: xenial language: ruby cache: bundler before_install: - bundle -v - rm -f Gemfile.lock - "# Update system gems if requested. This is useful to temporarily workaround troubles in the test runner" - "# See https://github.com/puppetlabs/pdk-templates/commit/705154d5c437796b821691b707156e1b056d244f for an example of how this was used" - "# Ignore exit code of SIGPIPE'd yes to not fail with shell's pipefail set" - '[ -z "$RUBYGEMS_VERSION" ] || (yes || true) | gem update --system $RUBYGEMS_VERSION' - gem --version - bundle -v script: - 'SIMPLECOV=yes bundle exec rake $CHECK' bundler_args: --without system_tests rvm: - 2.5.7 env: global: - HONEYCOMB_WRITEKEY="7f3c63a70eecc61d635917de46bea4e6",HONEYCOMB_DATASET="litmus tests" stages: - static - spec - acceptance jobs: fast_finish: true include: - - + - bundler_args: --with system_tests before_script: - "bundle exec rake 'litmus:provision_list[travis_ub_6]'" - "bundle exec rake 'litmus:install_agent[puppet6]'" - "bundle exec rake litmus:install_module" - bundler_args: env: PLATFORMS=travis_ub_6_puppet6 rvm: 2.5.7 script: ["travis_wait 45 bundle exec rake litmus:acceptance:parallel"] services: docker stage: acceptance - - + - bundler_args: --with system_tests before_script: - "bundle exec rake 'litmus:provision_list[travis_ub_5]'" - "bundle exec rake 'litmus:install_agent[puppet5]'" - "bundle exec rake litmus:install_module" - bundler_args: env: PLATFORMS=travis_ub_5_puppet5 rvm: 2.5.7 script: ["travis_wait 45 bundle exec rake litmus:acceptance:parallel"] services: docker stage: acceptance - - + - bundler_args: --with system_tests before_script: - "bundle exec rake 'litmus:provision_list[travis_deb]'" - "bundle exec rake 'litmus:install_agent[puppet5]'" - "bundle exec rake litmus:install_module" - bundler_args: env: PLATFORMS=travis_deb_puppet5 rvm: 2.5.7 script: ["travis_wait 45 bundle exec rake litmus:acceptance:parallel"] services: docker stage: acceptance - - + - bundler_args: --with system_tests before_script: - "bundle exec rake 'litmus:provision_list[travis_el7]'" - "bundle exec rake 'litmus:install_agent[puppet5]'" - "bundle exec rake litmus:install_module" - bundler_args: env: PLATFORMS=travis_el7_puppet5 rvm: 2.5.7 script: ["travis_wait 45 bundle exec rake litmus:acceptance:parallel"] services: docker stage: acceptance - - + - bundler_args: --with system_tests before_script: - "bundle exec rake 'litmus:provision_list[travis_el8]'" - "bundle exec rake 'litmus:install_agent[puppet5]'" - "bundle exec rake litmus:install_module" - bundler_args: env: PLATFORMS=travis_el8_puppet5 rvm: 2.5.7 script: ["travis_wait 45 bundle exec rake litmus:acceptance:parallel"] services: docker stage: acceptance - - + - bundler_args: --with system_tests before_script: - "bundle exec rake 'litmus:provision_list[travis_deb]'" - "bundle exec rake 'litmus:install_agent[puppet6]'" - "bundle exec rake litmus:install_module" - bundler_args: env: PLATFORMS=travis_deb_puppet6 rvm: 2.5.7 script: ["travis_wait 45 bundle exec rake litmus:acceptance:parallel"] services: docker stage: acceptance - - + - bundler_args: --with system_tests before_script: - "bundle exec rake 'litmus:provision_list[travis_el7]'" - "bundle exec rake 'litmus:install_agent[puppet6]'" - "bundle exec rake litmus:install_module" - bundler_args: env: PLATFORMS=travis_el7_puppet6 rvm: 2.5.7 script: ["travis_wait 45 bundle exec rake litmus:acceptance:parallel"] services: docker stage: acceptance - - + - bundler_args: --with system_tests before_script: - "bundle exec rake 'litmus:provision_list[travis_el8]'" - "bundle exec rake 'litmus:install_agent[puppet6]'" - "bundle exec rake litmus:install_module" - bundler_args: env: PLATFORMS=travis_el8_puppet6 rvm: 2.5.7 script: ["travis_wait 45 bundle exec rake litmus:acceptance:parallel"] services: docker stage: acceptance - env: CHECK="check:symlinks check:git_ignore check:dot_underscore check:test_file rubocop syntax lint metadata_lint" stage: static - env: PUPPET_GEM_VERSION="~> 5.0" CHECK=parallel_spec rvm: 2.4.5 stage: spec - env: PUPPET_GEM_VERSION="~> 6.0" CHECK=parallel_spec rvm: 2.5.7 stage: spec branches: only: - main - /^v\d/ - release notifications: email: false slack: secure: MrXQwGIUO7WNmLbe7iiWgURiZPUgyvDLkKe3d9S58ohE6gdN6pqlsjP8YgodK8JmIBV1zp5Wj/0cXUmY3xvCtnDmII0DCEk2Y1Cs/W1drKZtS/0BsUpJkj0rDP2fSlKsY5ifESdEta/y8+NkjRnqadbl7SQPYeek4IjAfxjjuig= diff --git a/Gemfile b/Gemfile index b6b25afe..ae2b430d 100644 --- a/Gemfile +++ b/Gemfile @@ -1,74 +1,73 @@ source ENV['GEM_SOURCE'] || 'https://rubygems.org' def location_for(place_or_version, fake_version = nil) git_url_regex = %r{\A(?(https?|git)[:@][^#]*)(#(?.*))?} file_url_regex = %r{\Afile:\/\/(?.*)} if place_or_version && (git_url = place_or_version.match(git_url_regex)) [fake_version, { git: git_url[:url], branch: git_url[:branch], require: false }].compact elsif place_or_version && (file_url = place_or_version.match(file_url_regex)) ['>= 0', { path: File.expand_path(file_url[:path]), require: false }] else [place_or_version, { require: false }] end end ruby_version_segments = Gem::Version.new(RUBY_VERSION.dup).segments minor_version = ruby_version_segments[0..1].join('.') group :development do - gem "fast_gettext", '1.1.0', require: false if Gem::Version.new(RUBY_VERSION.dup) < Gem::Version.new('2.1.0') - gem "fast_gettext", require: false if Gem::Version.new(RUBY_VERSION.dup) >= Gem::Version.new('2.1.0') - gem "json_pure", '<= 2.0.1', require: false if Gem::Version.new(RUBY_VERSION.dup) < Gem::Version.new('2.0.0') - gem "json", '= 1.8.1', require: false if Gem::Version.new(RUBY_VERSION.dup) == Gem::Version.new('2.1.9') gem "json", '= 2.0.4', require: false if Gem::Requirement.create('~> 2.4.2').satisfied_by?(Gem::Version.new(RUBY_VERSION.dup)) gem "json", '= 2.1.0', require: false if Gem::Requirement.create(['>= 2.5.0', '< 2.7.0']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup)) gem "json", '= 2.3.0', require: false if Gem::Requirement.create(['>= 2.7.0', '< 2.8.0']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup)) - gem "rb-readline", '= 0.5.5', require: false, platforms: [:mswin, :mingw, :x64_mingw] - gem "puppet-module-posix-default-r#{minor_version}", '~> 0.4', require: false, platforms: [:ruby] - gem "puppet-module-posix-dev-r#{minor_version}", '~> 0.4', require: false, platforms: [:ruby] - gem "puppet-module-win-default-r#{minor_version}", '~> 0.4', require: false, platforms: [:mswin, :mingw, :x64_mingw] - gem "puppet-module-win-dev-r#{minor_version}", '~> 0.4', require: false, platforms: [:mswin, :mingw, :x64_mingw] - gem "github_changelog_generator", require: false, git: 'https://github.com/skywinder/github-changelog-generator', ref: '20ee04ba1234e9e83eb2ffb5056e23d641c7a018' if Gem::Version.new(RUBY_VERSION.dup) >= Gem::Version.new('2.2.2') + gem "puppet-module-posix-default-r#{minor_version}", '~> 1.0', require: false, platforms: [:ruby] + gem "puppet-module-posix-dev-r#{minor_version}", '~> 1.0', require: false, platforms: [:ruby] + gem "puppet-module-win-default-r#{minor_version}", '~> 1.0', require: false, platforms: [:mswin, :mingw, :x64_mingw] + gem "puppet-module-win-dev-r#{minor_version}", '~> 1.0', require: false, platforms: [:mswin, :mingw, :x64_mingw] + gem "github_changelog_generator", require: false +end +group :system_tests do + gem "puppet-module-posix-system-r#{minor_version}", '~> 1.0', require: false, platforms: [:ruby] + gem "puppet-module-win-system-r#{minor_version}", '~> 1.0', require: false, platforms: [:mswin, :mingw, :x64_mingw] end puppet_version = ENV['PUPPET_GEM_VERSION'] facter_version = ENV['FACTER_GEM_VERSION'] hiera_version = ENV['HIERA_GEM_VERSION'] gems = {} gems['puppet'] = location_for(puppet_version) # If facter or hiera versions have been specified via the environment # variables gems['facter'] = location_for(facter_version) if facter_version gems['hiera'] = location_for(hiera_version) if hiera_version if Gem.win_platform? && puppet_version =~ %r{^(file:///|git://)} # If we're using a Puppet gem on Windows which handles its own win32-xxx gem # dependencies (>= 3.5.0), set the maximum versions (see PUP-6445). gems['win32-dir'] = ['<= 0.4.9', require: false] gems['win32-eventlog'] = ['<= 0.6.5', require: false] gems['win32-process'] = ['<= 0.7.5', require: false] gems['win32-security'] = ['<= 0.2.5', require: false] gems['win32-service'] = ['0.8.8', require: false] end gems.each do |gem_name, gem_params| gem gem_name, *gem_params end # Evaluate Gemfile.local and ~/.gemfile if they exist extra_gemfiles = [ "#{__FILE__}.local", File.join(Dir.home, '.gemfile'), ] extra_gemfiles.each do |gemfile| if File.file?(gemfile) && File.readable?(gemfile) eval(File.read(gemfile), binding) end end # vim: syntax=ruby diff --git a/Rakefile b/Rakefile index 11539b96..0a5093b3 100644 --- a/Rakefile +++ b/Rakefile @@ -1,88 +1,87 @@ # frozen_string_literal: true require 'puppet_litmus/rake_tasks' if Bundler.rubygems.find_name('puppet_litmus').any? require 'puppetlabs_spec_helper/rake_tasks' require 'puppet-syntax/tasks/puppet-syntax' require 'puppet_blacksmith/rake_tasks' if Bundler.rubygems.find_name('puppet-blacksmith').any? require 'github_changelog_generator/task' if Bundler.rubygems.find_name('github_changelog_generator').any? require 'puppet-strings/tasks' if Bundler.rubygems.find_name('puppet-strings').any? -require 'puppet-lint/tasks/puppet-lint' def changelog_user return unless Rake.application.top_level_tasks.include? "changelog" returnVal = nil || JSON.load(File.read('metadata.json'))['author'] raise "unable to find the changelog_user in .sync.yml, or the author in metadata.json" if returnVal.nil? puts "GitHubChangelogGenerator user:#{returnVal}" returnVal end def changelog_project return unless Rake.application.top_level_tasks.include? "changelog" returnVal = nil returnVal ||= begin metadata_source = JSON.load(File.read('metadata.json'))['source'] metadata_source_match = metadata_source && metadata_source.match(%r{.*\/([^\/]*?)(?:\.git)?\Z}) metadata_source_match && metadata_source_match[1] end raise "unable to find the changelog_project in .sync.yml or calculate it from the source in metadata.json" if returnVal.nil? puts "GitHubChangelogGenerator project:#{returnVal}" returnVal end def changelog_future_release return unless Rake.application.top_level_tasks.include? "changelog" returnVal = "v%s" % JSON.load(File.read('metadata.json'))['version'] raise "unable to find the future_release (version) in metadata.json" if returnVal.nil? puts "GitHubChangelogGenerator future_release:#{returnVal}" returnVal end PuppetLint.configuration.send('disable_relative') if Bundler.rubygems.find_name('github_changelog_generator').any? GitHubChangelogGenerator::RakeTask.new :changelog do |config| raise "Set CHANGELOG_GITHUB_TOKEN environment variable eg 'export CHANGELOG_GITHUB_TOKEN=valid_token_here'" if Rake.application.top_level_tasks.include? "changelog" and ENV['CHANGELOG_GITHUB_TOKEN'].nil? config.user = "#{changelog_user}" config.project = "#{changelog_project}" config.future_release = "#{changelog_future_release}" config.exclude_labels = ['maintenance'] config.header = "# Change log\n\nAll notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/) and this project adheres to [Semantic Versioning](http://semver.org)." config.add_pr_wo_labels = true config.issues = false config.merge_prefix = "### UNCATEGORIZED PRS; LABEL THEM ON GITHUB" config.configure_sections = { "Changed" => { "prefix" => "### Changed", "labels" => ["backwards-incompatible"], }, "Added" => { "prefix" => "### Added", "labels" => ["enhancement", "feature"], }, "Fixed" => { "prefix" => "### Fixed", "labels" => ["bug", "documentation", "bugfix"], }, } end else desc 'Generate a Changelog from GitHub' task :changelog do raise < 1.15' condition: "Gem::Version.new(RUBY_VERSION.dup) >= Gem::Version.new('2.3.0')" EOM end end diff --git a/lib/facter/apache_version.rb b/lib/facter/apache_version.rb index ec577ca5..bb16670d 100644 --- a/lib/facter/apache_version.rb +++ b/lib/facter/apache_version.rb @@ -1,27 +1,29 @@ +# frozen_string_literal: true + Facter.add(:apache_version) do confine kernel: ['FreeBSD', 'Linux'] setcode do apache_version = nil if Facter::Util::Resolution.which('httpd') apache_version = Facter::Util::Resolution.exec('httpd -V 2>&1') Facter.debug "Matching httpd '#{apache_version}'" elsif Facter::Util::Resolution.which('apache2') apache_version = Facter::Util::Resolution.exec('apache2 -V 2>&1') Facter.debug "Matching apache2 '#{apache_version}'" elsif Facter::Util::Resolution.which('apachectl') apache_version = Facter::Util::Resolution.exec('apachectl -v 2>&1') Facter.debug "Matching apachectl '#{apache_version}'" elsif Facter::Util::Resolution.which('apache2ctl') apache_version = Facter::Util::Resolution.exec('apache2ctl -v 2>&1') Facter.debug "Matching apache2ctl '#{apache_version}'" end unless apache_version.nil? match = %r{^Server version: Apache\/(\d+.\d+(.\d+)?)}.match(apache_version) unless match.nil? match[1] end end end end diff --git a/lib/puppet/functions/apache/apache_pw_hash.rb b/lib/puppet/functions/apache/apache_pw_hash.rb index 019db018..4606ac73 100644 --- a/lib/puppet/functions/apache/apache_pw_hash.rb +++ b/lib/puppet/functions/apache/apache_pw_hash.rb @@ -1,10 +1,12 @@ +# frozen_string_literal: true + # @summary DEPRECATED. Use the function [`apache::pw_hash`](#apachepw_hash) instead. Puppet::Functions.create_function(:'apache::apache_pw_hash') do dispatch :deprecation_gen do repeated_param 'Any', :args end def deprecation_gen(*args) call_function('deprecation', 'apache::apache_pw_hash', 'This function is deprecated, please use apache::pw_hash instead.') call_function('apache::pw_hash', *args) end end diff --git a/lib/puppet/functions/apache/bool2httpd.rb b/lib/puppet/functions/apache/bool2httpd.rb index a8b2cb47..1fb71c59 100644 --- a/lib/puppet/functions/apache/bool2httpd.rb +++ b/lib/puppet/functions/apache/bool2httpd.rb @@ -1,34 +1,36 @@ +# frozen_string_literal: true + # @summary # Transform a supposed boolean to On or Off. Passes all other values through. # Puppet::Functions.create_function(:'apache::bool2httpd') do # @param arg # The value to be converted into a string. # # @return # Will return either `On` or `Off` if given a boolean value. Returns a string of any # other given value. # @example # $trace_enable = false # $server_signature = 'mail' # # apache::bool2httpd($trace_enable) # returns 'Off' # apache::bool2httpd($server_signature) # returns 'mail' # apache::bool2httpd(undef) # returns 'Off' # def bool2httpd(arg) return 'Off' if arg.nil? || arg == false || matches_string?(arg, %r{false}i) || arg == :undef return 'On' if arg == true || matches_string?(arg, %r{true}i) arg.to_s end private def matches_string?(value, matcher) if Gem::Version.new(RUBY_VERSION) < Gem::Version.new('2.4.0') value =~ matcher else value.is_a?(String) && value.match?(matcher) end end end diff --git a/lib/puppet/functions/apache/pw_hash.rb b/lib/puppet/functions/apache/pw_hash.rb index 60a41c24..c56e916b 100644 --- a/lib/puppet/functions/apache/pw_hash.rb +++ b/lib/puppet/functions/apache/pw_hash.rb @@ -1,21 +1,23 @@ +# frozen_string_literal: true + # @summary # Hashes a password in a format suitable for htpasswd files read by apache. # # Currently uses SHA-hashes, because although this format is considered insecure, it's the # most secure format supported by the most platforms. Puppet::Functions.create_function(:'apache::pw_hash') do # @param password # The input that is to be hashed. # # @return # Returns the hash of the input that was given. dispatch :apache_pw_hash do required_param 'String[1]', :password return_type 'String' end def apache_pw_hash(password) require 'base64' '{SHA}' + Base64.strict_encode64(Digest::SHA1.digest(password)) end end diff --git a/lib/puppet/functions/apache_pw_hash.rb b/lib/puppet/functions/apache_pw_hash.rb index 2fd9cf82..7aad4400 100644 --- a/lib/puppet/functions/apache_pw_hash.rb +++ b/lib/puppet/functions/apache_pw_hash.rb @@ -1,10 +1,12 @@ +# frozen_string_literal: true + # @summary DEPRECATED. Use the namespaced function [`apache::pw_hash`](#apachepw_hash) instead. Puppet::Functions.create_function(:apache_pw_hash) do dispatch :deprecation_gen do repeated_param 'Any', :args end def deprecation_gen(*args) call_function('deprecation', 'apache_pw_hash', 'This function is deprecated, please use apache::pw_hash instead.') call_function('apache::pw_hash', *args) end end diff --git a/lib/puppet/functions/bool2httpd.rb b/lib/puppet/functions/bool2httpd.rb index af5b5c5d..62569f7b 100644 --- a/lib/puppet/functions/bool2httpd.rb +++ b/lib/puppet/functions/bool2httpd.rb @@ -1,10 +1,12 @@ +# frozen_string_literal: true + # @summary DEPRECATED. Use the namespaced function [`apache::bool2httpd`](#apachebool2httpd) instead. Puppet::Functions.create_function(:bool2httpd) do dispatch :deprecation_gen do repeated_param 'Any', :args end def deprecation_gen(*args) call_function('deprecation', 'bool2httpd', 'This function is deprecated, please use apache::bool2httpd instead.') call_function('apache::bool2httpd', *args) end end diff --git a/lib/puppet/provider/a2mod.rb b/lib/puppet/provider/a2mod.rb index 747da44a..7406e01d 100644 --- a/lib/puppet/provider/a2mod.rb +++ b/lib/puppet/provider/a2mod.rb @@ -1,41 +1,43 @@ +# frozen_string_literal: true + # a2mod.rb class Puppet::Provider::A2mod < Puppet::Provider # Fetches the mod provider def self.prefetch(mods) instances.each do |prov| mod = mods[prov.name] if mod mod.provider = prov end end end # Clear's the property_hash def flush @property_hash.clear end # Returns a copy of the property_hash def properties if @property_hash.empty? @property_hash = query || { ensure: :absent } @property_hash[:ensure] = :absent if @property_hash.empty? end @property_hash.dup end # Returns the properties of the given mod if it exists. def query self.class.instances.each do |mod| if mod.name == name || mod.name.downcase == name return mod.properties end end nil end # Return's if the ensure property is absent or not def exists? properties[:ensure] != :absent end end diff --git a/lib/puppet/provider/a2mod/a2mod.rb b/lib/puppet/provider/a2mod/a2mod.rb index 8b18686f..3330fd5d 100644 --- a/lib/puppet/provider/a2mod/a2mod.rb +++ b/lib/puppet/provider/a2mod/a2mod.rb @@ -1,35 +1,37 @@ +# frozen_string_literal: true + require 'puppet/provider/a2mod' Puppet::Type.type(:a2mod).provide(:a2mod, parent: Puppet::Provider::A2mod) do desc 'Manage Apache 2 modules on Debian and Ubuntu' optional_commands encmd: 'a2enmod' optional_commands discmd: 'a2dismod' commands apache2ctl: 'apache2ctl' confine osfamily: :debian defaultfor operatingsystem: [:debian, :ubuntu] def self.instances modules = apache2ctl('-M').lines.map { |line| m = line.match(%r{(\w+)_module \(shared\)$}) m[1] if m }.compact modules.map do |mod| new( name: mod, ensure: :present, provider: :a2mod, ) end end def create encmd resource[:name] end def destroy discmd resource[:name] end end diff --git a/lib/puppet/provider/a2mod/gentoo.rb b/lib/puppet/provider/a2mod/gentoo.rb index d4c0b6d6..c53fbd5b 100644 --- a/lib/puppet/provider/a2mod/gentoo.rb +++ b/lib/puppet/provider/a2mod/gentoo.rb @@ -1,114 +1,116 @@ +# frozen_string_literal: true + require 'puppet/util/filetype' Puppet::Type.type(:a2mod).provide(:gentoo, parent: Puppet::Provider) do desc 'Manage Apache 2 modules on Gentoo' confine operatingsystem: :gentoo defaultfor operatingsystem: :gentoo attr_accessor :property_hash def create @property_hash[:ensure] = :present end def exists? (!@property_hash[:ensure].nil? && @property_hash[:ensure] == :present) end def destroy @property_hash[:ensure] = :absent end def flush self.class.flush end class << self attr_reader :conf_file end def self.clear @mod_resources = [] @modules = [] @other_args = '' end def self.initvars @conf_file = '/etc/conf.d/apache2' @filetype = Puppet::Util::FileType.filetype(:flat).new(conf_file) @mod_resources = [] @modules = [] @other_args = '' end initvars # Retrieve an array of all existing modules def self.modules if @modules.length <= 0 # Locate the APACHE_OPTS variable records = filetype.read.split(%r{\n}) apache2_opts = records.grep(%r{^\s*APACHE2_OPTS=}).first # Extract all defines @modules << Regexp.last_match(1).downcase while apache2_opts.sub!(%r{-D\s+(\w+)}, '') # Hang on to any remaining options. if apache2_opts =~ %r{APACHE2_OPTS="(.+)"} @other_args = Regexp.last_match(1).strip end @modules.sort!.uniq! end @modules end def self.prefetch(resources = {}) # Match resources with existing providers instances.each do |provider| resource = resources[provider.name] if resource resource.provider = provider end end # Store all resources using this provider for flushing resources.each do |_name, resource| @mod_resources << resource end end def self.instances modules.map { |mod| new(name: mod, provider: :gentoo, ensure: :present) } end def self.flush mod_list = modules mods_to_remove = @mod_resources.select { |mod| mod.should(:ensure) == :absent }.map { |mod| mod[:name] } mods_to_add = @mod_resources.select { |mod| mod.should(:ensure) == :present }.map { |mod| mod[:name] } mod_list -= mods_to_remove mod_list += mods_to_add mod_list.sort!.uniq! return unless modules != mod_list opts = @other_args + ' ' opts << mod_list.map { |mod| "-D #{mod.upcase}" }.join(' ') opts.strip! opts.gsub!(%r{\s+}, ' ') apache2_opts = %(APACHE2_OPTS="#{opts}") Puppet.debug("Writing back \"#{apache2_opts}\" to #{conf_file}") records = filetype.read.split(%r{\n}) opts_index = records.find_index { |i| i.match(%r{^\s*APACHE2_OPTS}) } records[opts_index] = apache2_opts filetype.backup filetype.write(records.join("\n")) @modules = mod_list end end diff --git a/lib/puppet/provider/a2mod/modfix.rb b/lib/puppet/provider/a2mod/modfix.rb index 59fdc929..755c927e 100644 --- a/lib/puppet/provider/a2mod/modfix.rb +++ b/lib/puppet/provider/a2mod/modfix.rb @@ -1,11 +1,13 @@ +# frozen_string_literal: true + Puppet::Type.type(:a2mod).provide :modfix do desc "Dummy provider for A2mod. Fake nil resources when there is no crontab binary available. Allows puppetd to run on a bootstrapped machine before a Cron package has been installed. Workaround for: http://projects.puppetlabs.com/issues/2384 " def self.instances [] end end diff --git a/lib/puppet/provider/a2mod/redhat.rb b/lib/puppet/provider/a2mod/redhat.rb index 6b063779..149a7b90 100644 --- a/lib/puppet/provider/a2mod/redhat.rb +++ b/lib/puppet/provider/a2mod/redhat.rb @@ -1,60 +1,62 @@ +# frozen_string_literal: true + require 'puppet/provider/a2mod' Puppet::Type.type(:a2mod).provide(:redhat, parent: Puppet::Provider::A2mod) do desc 'Manage Apache 2 modules on RedHat family OSs' commands apachectl: 'apachectl' confine osfamily: :redhat defaultfor osfamily: :redhat require 'pathname' # modpath: Path to default apache modules directory /etc/httpd/mod.d # modfile: Path to module load configuration file; Default: resides under modpath directory # libfile: Path to actual apache module library. Added in modfile LoadModule attr_accessor :modfile, :libfile class << self attr_accessor :modpath def preinit @modpath = '/etc/httpd/mod.d' end end preinit def create File.open(modfile, 'w') do |f| f.puts "LoadModule #{resource[:identifier]} #{libfile}" end end def destroy File.delete(modfile) end def self.instances modules = apachectl('-M').lines.map { |line| m = line.match(%r{(\w+)_module \(shared\)$}) m[1] if m }.compact modules.map do |mod| new( name: mod, ensure: :present, provider: :redhat, ) end end def modfile "#{self.class.modpath}/#{resource[:name]}.load" end # Set libfile path: If absolute path is passed, then maintain it. Else, make it default from 'modules' dir. def libfile Pathname.new(resource[:lib]).absolute? ? resource[:lib] : "modules/#{resource[:lib]}" end end diff --git a/lib/puppet/type/a2mod.rb b/lib/puppet/type/a2mod.rb index 02516989..da04d7f4 100644 --- a/lib/puppet/type/a2mod.rb +++ b/lib/puppet/type/a2mod.rb @@ -1,28 +1,30 @@ +# frozen_string_literal: true + Puppet::Type.newtype(:a2mod) do @doc = 'Manage Apache 2 modules' ensurable newparam(:name) do Puppet.warning 'The a2mod provider is deprecated, please use apache::mod instead' desc 'The name of the module to be managed' isnamevar end newparam(:lib) do desc 'The name of the .so library to be loaded' defaultto { "mod_#{@resource[:name]}.so" } end newparam(:identifier) do desc 'Module identifier string used by LoadModule. Default: module-name_module' # http://httpd.apache.org/docs/2.2/mod/module-dict.html#ModuleIdentifier defaultto { "#{resource[:name]}_module" } end autorequire(:package) { catalog.resource(:package, 'httpd') } end diff --git a/metadata.json b/metadata.json index 302cd902..2209cd26 100644 --- a/metadata.json +++ b/metadata.json @@ -1,87 +1,87 @@ { "name": "puppetlabs-apache", "version": "5.8.0", "author": "puppetlabs", "summary": "Installs, configures, and manages Apache virtual hosts, web services, and modules.", "license": "Apache-2.0", "source": "https://github.com/puppetlabs/puppetlabs-apache", "project_page": "https://github.com/puppetlabs/puppetlabs-apache", "issues_url": "https://tickets.puppetlabs.com/browse/MODULES", "dependencies": [ { "name": "puppetlabs/stdlib", "version_requirement": ">= 4.13.1 < 7.0.0" }, { "name": "puppetlabs/concat", "version_requirement": ">= 2.2.1 < 7.0.0" } ], "operatingsystem_support": [ { "operatingsystem": "RedHat", "operatingsystemrelease": [ "6", "7", "8" ] }, { "operatingsystem": "CentOS", "operatingsystemrelease": [ "6", "7", "8" ] }, { "operatingsystem": "OracleLinux", "operatingsystemrelease": [ "6", "7" ] }, { "operatingsystem": "Scientific", "operatingsystemrelease": [ "6", "7" ] }, { "operatingsystem": "Debian", "operatingsystemrelease": [ "8", "9", "10" ] }, { "operatingsystem": "SLES", "operatingsystemrelease": [ "11 SP1", "12", "15" ] }, { "operatingsystem": "Ubuntu", "operatingsystemrelease": [ "14.04", "16.04", "18.04", "20.04" ] } ], "requirements": [ { "name": "puppet", "version_requirement": ">= 5.5.10 < 8.0.0" } ], "description": "Module for Apache configuration", "pdk-version": "1.18.1", "template-url": "https://github.com/puppetlabs/pdk-templates#main", - "template-ref": "heads/main-0-g5afcd3d" + "template-ref": "heads/main-0-g4543421" } diff --git a/spec/acceptance/apache_parameters_spec.rb b/spec/acceptance/apache_parameters_spec.rb index 1d7b9c10..cfad4f5f 100644 --- a/spec/acceptance/apache_parameters_spec.rb +++ b/spec/acceptance/apache_parameters_spec.rb @@ -1,598 +1,600 @@ +# frozen_string_literal: true + require 'spec_helper_acceptance' apache_hash = apache_settings_hash describe 'apache parameters' do # Currently this test only does something on FreeBSD. describe 'default_confd_files => false' do it 'doesnt do anything' do pp = "class { 'apache': default_confd_files => false }" apply_manifest(pp, catch_failures: true) end if os[:family] == 'freebsd' describe file("#{apache_hash['confd_dir']}/no-accf.conf.erb") do it { is_expected.not_to be_file } end end end describe 'default_confd_files => true' do it 'copies conf.d files' do pp = "class { 'apache': default_confd_files => true }" apply_manifest(pp, catch_failures: true) end if os[:family] == 'freebsd' describe file("#{apache_hash['confd_dir']}/no-accf.conf.erb") do it { is_expected.to be_file } end end end describe 'when set adds a listen statement' do it 'applys cleanly' do pp = "class { 'apache': ip => '10.1.1.1', service_ensure => stopped }" apply_manifest(pp, catch_failures: true) end describe file(apache_hash['ports_file']) do it { is_expected.to be_file } it { is_expected.to contain 'Listen 10.1.1.1' } end end describe 'service tests => true' do pp = <<-MANIFEST class { 'apache': service_enable => true, service_manage => true, service_ensure => running, } MANIFEST it 'starts the service' do apply_manifest(pp, catch_failures: true) end describe service(apache_hash['service_name']), skip: 'FM-8483' do it { is_expected.to be_running } it { is_expected.to be_enabled } end end describe 'service tests => false' do pp = <<-MANIFEST class { 'apache': service_enable => false, service_ensure => stopped, } MANIFEST it 'stops the service' do apply_manifest(pp, catch_failures: true) end describe service(apache_hash['service_name']), skip: 'FM-8483' do it { is_expected.not_to be_running } it { is_expected.not_to be_enabled } end end describe 'service manage => false' do pp = <<-MANIFEST class { 'apache': service_enable => true, service_manage => false, service_ensure => true, } MANIFEST it 'we dont manage the service, so it shouldnt start the service' do apply_manifest(pp, catch_failures: true) end describe service(apache_hash['service_name']), skip: 'FM-8483' do it { is_expected.not_to be_running } it { is_expected.not_to be_enabled } end end # IAC-785: The Shibboleth mod does not seem to be configured correctly on Debian 10 systems. We should reenable # this test on Debian 10 systems once the issue has been RCA'd and resolved. describe 'conf_enabled => /etc/apache2/conf-enabled', skip: 'IAC-785' do pp = <<-MANIFEST class { 'apache': purge_configs => false, conf_enabled => "/etc/apache2/conf-enabled" } MANIFEST it 'applies cleanly' do run_shell('touch /etc/apache2/conf-enabled/test.conf') apply_manifest(pp, catch_failures: true) end # Ensure the created file didn't disappear. describe file('/etc/apache2/conf-enabled/test.conf') do it { is_expected.to be_file } end # Ensure the default file didn't disappear. describe file('/etc/apache2/conf-enabled/security.conf') do it { is_expected.to be_file } end end describe 'purge parameters => false' do pp = <<-MANIFEST class { 'apache': purge_configs => false, purge_vhost_dir => false, vhost_dir => "#{apache_hash['confd_dir']}.vhosts" } MANIFEST it 'applies cleanly' do run_shell("touch #{apache_hash['confd_dir']}/test.conf") run_shell("mkdir -p #{apache_hash['confd_dir']}.vhosts && touch #{apache_hash['confd_dir']}.vhosts/test.conf") apply_manifest(pp, catch_failures: true) end # Ensure the files didn't disappear. describe file("#{apache_hash['confd_dir']}/test.conf") do it { is_expected.to be_file } end describe file("#{apache_hash['confd_dir']}.vhosts/test.conf") do it { is_expected.to be_file } end end if os[:family] != 'debian' describe 'purge parameters => true' do pp = <<-MANIFEST class { 'apache': purge_configs => true, purge_vhost_dir => true, vhost_dir => "#{apache_hash['confd_dir']}.vhosts" } MANIFEST it 'applies cleanly' do run_shell("touch #{apache_hash['confd_dir']}/test.conf") run_shell("mkdir -p #{apache_hash['confd_dir']}.vhosts && touch #{apache_hash['confd_dir']}.vhosts/test.conf") apply_manifest(pp, catch_failures: true) end # File should be gone describe file("#{apache_hash['confd_dir']}/test.conf") do it { is_expected.not_to be_file } end describe file("#{apache_hash['confd_dir']}.vhosts/test.conf") do it { is_expected.not_to be_file } end end end describe 'serveradmin' do it 'applies cleanly' do pp = "class { 'apache': serveradmin => 'test@example.com' }" apply_manifest(pp, catch_failures: true) end describe file(apache_hash['vhost']) do it { is_expected.to be_file } it { is_expected.to contain 'ServerAdmin test@example.com' } end end describe 'sendfile' do describe 'setup' do it 'applies cleanly' do pp = "class { 'apache': sendfile => 'On' }" apply_manifest(pp, catch_failures: true) end end describe file(apache_hash['conf_file']) do it { is_expected.to be_file } it { is_expected.to contain 'EnableSendfile On' } end describe 'setup' do it 'applies cleanly' do pp = "class { 'apache': sendfile => 'Off' }" apply_manifest(pp, catch_failures: true) end end describe file(apache_hash['conf_file']) do it { is_expected.to be_file } it { is_expected.to contain 'Sendfile Off' } end end describe 'error_documents' do describe 'setup' do it 'applies cleanly' do pp = "class { 'apache': error_documents => true }" apply_manifest(pp, catch_failures: true) end end describe file(apache_hash['conf_file']) do it { is_expected.to be_file } it { is_expected.to contain 'Alias /error/' } end end describe 'timeout' do describe 'setup' do it 'applies cleanly' do pp = "class { 'apache': timeout => '1234' }" apply_manifest(pp, catch_failures: true) end end describe file(apache_hash['conf_file']) do it { is_expected.to be_file } it { is_expected.to contain 'Timeout 1234' } end end describe 'httpd_dir' do describe 'setup' do pp = <<-MANIFEST class { 'apache': httpd_dir => '/tmp', service_ensure => stopped } include 'apache::mod::mime' MANIFEST it 'applies cleanly' do apply_manifest(pp, catch_failures: true) end end describe file("#{apache_hash['mod_dir']}/mime.conf") do it { is_expected.to be_file } it { is_expected.to contain 'AddLanguage eo .eo' } end end describe 'http_protocol_options' do # Actually >= 2.4.24, but the minor version is not provided # https://bugs.launchpad.net/ubuntu/+source/apache2/2.4.7-1ubuntu4.15 # basically versions of the ubuntu or sles apache package cause issue if apache_hash['version'] >= '2.4' && os[:family] !~ %r{ubuntu|sles} describe 'setup' do it 'applies cleanly' do pp = "class { 'apache': http_protocol_options => 'Unsafe RegisteredMethods Require1.0'}" apply_manifest(pp, catch_failures: true) end end describe file(apache_hash['conf_file']) do it { is_expected.to be_file } it { is_expected.to contain 'HttpProtocolOptions Unsafe RegisteredMethods Require1.0' } end end end describe 'server_root' do describe 'setup' do it 'applies cleanly' do pp = "class { 'apache': server_root => '/tmp/root', service_ensure => stopped }" apply_manifest(pp, catch_failures: true) end end describe file(apache_hash['conf_file']) do it { is_expected.to be_file } it { is_expected.to contain 'ServerRoot "/tmp/root"' } end end describe 'confd_dir' do describe 'setup' do it 'applies cleanly' do pp = "class { 'apache': confd_dir => '/tmp/root', service_ensure => stopped, use_optional_includes => true }" apply_manifest(pp, catch_failures: true) end end if apache_hash['version'] == '2.4' describe file(apache_hash['conf_file']) do it { is_expected.to be_file } it { is_expected.to contain 'IncludeOptional "/tmp/root/*.conf"' } end else describe file(apache_hash['conf_file']) do it { is_expected.to be_file } it { is_expected.to contain 'Include "/tmp/root/*.conf"' } end end end describe 'conf_template' do describe 'setup' do it 'applies cleanly' do pp = "class { 'apache': conf_template => 'another/test.conf.erb', service_ensure => stopped }" run_shell('mkdir -p /etc/puppetlabs/code/environments/production/modules/another/templates') run_shell("echo 'testcontent' >> /etc/puppetlabs/code/environments/production/modules/another/templates/test.conf.erb") apply_manifest(pp, catch_failures: true) end end describe file(apache_hash['conf_file']) do it { is_expected.to be_file } it { is_expected.to contain 'testcontent' } end end describe 'servername' do describe 'setup' do it 'applies cleanly' do pp = "class { 'apache': servername => 'test.server', service_ensure => stopped }" apply_manifest(pp, catch_failures: true) end end describe file(apache_hash['conf_file']) do it { is_expected.to be_file } it { is_expected.to contain 'ServerName "test.server"' } end end describe 'user' do describe 'setup' do pp = <<-MANIFEST class { 'apache': manage_user => true, manage_group => true, user => 'testweb', group => 'testweb', } MANIFEST it 'applies cleanly' do apply_manifest(pp, catch_failures: true) end end describe user('testweb') do it { is_expected.to exist } it { is_expected.to belong_to_group 'testweb' } end describe group('testweb') do it { is_expected.to exist } end end describe 'logformats' do describe 'setup' do pp = <<-MANIFEST class { 'apache': log_formats => { 'vhost_common' => '%v %h %l %u %t \\\"%r\\\" %>s %b', 'vhost_combined' => '%v %h %l %u %t \\\"%r\\\" %>s %b \\\"%{Referer}i\\\" \\\"%{User-agent}i\\\"', } } MANIFEST it 'applies cleanly' do apply_manifest(pp, catch_failures: true) end end describe file(apache_hash['conf_file']) do it { is_expected.to be_file } it { is_expected.to contain 'LogFormat "%v %h %l %u %t \"%r\" %>s %b" vhost_common' } it { is_expected.to contain 'LogFormat "%v %h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-agent}i\"" vhost_combined' } end end describe 'keepalive' do describe 'setup' do it 'applies cleanly' do pp = "class { 'apache': keepalive => 'Off', keepalive_timeout => '30', max_keepalive_requests => '200' }" apply_manifest(pp, catch_failures: true) end end describe file(apache_hash['conf_file']) do it { is_expected.to be_file } it { is_expected.to contain 'KeepAlive Off' } it { is_expected.to contain 'KeepAliveTimeout 30' } it { is_expected.to contain 'MaxKeepAliveRequests 200' } end end describe 'limitrequestfieldsize' do describe 'setup' do it 'applies cleanly' do pp = "class { 'apache': limitreqfieldsize => '16830' }" apply_manifest(pp, catch_failures: true) end end describe file(apache_hash['conf_file']) do it { is_expected.to be_file } it { is_expected.to contain 'LimitRequestFieldSize 16830' } end end describe 'limitrequestfields' do describe 'setup' do it 'applies cleanly' do pp = "class { 'apache': limitreqfields => '120' }" apply_manifest(pp, catch_failures: true) end end describe file(apache_hash['conf_file']) do it { is_expected.to be_file } it { is_expected.to contain 'LimitRequestFields 120' } end end describe 'logging' do describe 'setup' do pp = <<-MANIFEST if $::osfamily == 'RedHat' and "$::selinux" == "true" { $semanage_package = $::operatingsystemmajrelease ? { '5' => 'policycoreutils', '8' => 'policycoreutils-python-utils', default => 'policycoreutils-python', } package { $semanage_package: ensure => installed } exec { 'set_apache_defaults': command => 'semanage fcontext -a -t httpd_log_t "/apache_spec(/.*)?"', path => '/bin:/usr/bin/:/sbin:/usr/sbin', require => Package[$semanage_package], } exec { 'restorecon_apache': command => 'restorecon -Rv /apache_spec', path => '/bin:/usr/bin/:/sbin:/usr/sbin', before => Service['httpd'], require => Class['apache'], } } file { '/apache_spec': ensure => directory, } class { 'apache': logroot => '/apache_spec' } MANIFEST it 'applies cleanly' do apply_manifest(pp, catch_failures: true) end end describe file("/apache_spec/#{apache_hash['error_log']}") do it { is_expected.to be_file } end end describe 'ports_file' do pp = <<-MANIFEST file { '/apache_spec': ensure => directory, } class { 'apache': ports_file => '/apache_spec/ports_file', ip => '10.1.1.1', service_ensure => stopped } MANIFEST it 'applys cleanly' do apply_manifest(pp, catch_failures: true) end describe file('/apache_spec/ports_file') do it { is_expected.to be_file } it { is_expected.to contain 'Listen 10.1.1.1' } end end describe 'server_tokens' do pp = <<-MANIFEST class { 'apache': server_tokens => 'Minor', } MANIFEST it 'applys cleanly' do apply_manifest(pp, catch_failures: true) end describe file(apache_hash['conf_file']) do it { is_expected.to be_file } it { is_expected.to contain 'ServerTokens Minor' } end end describe 'server_signature' do pp = <<-MANIFEST class { 'apache': server_signature => 'testsig', service_ensure => stopped, } MANIFEST it 'applys cleanly' do apply_manifest(pp, catch_failures: true) end describe file(apache_hash['conf_file']) do it { is_expected.to be_file } it { is_expected.to contain 'ServerSignature testsig' } end end describe 'hostname_lookups' do describe 'setup' do it 'applies cleanly' do pp = "class { 'apache': hostname_lookups => 'On' }" apply_manifest(pp, catch_failures: true) end end describe file(apache_hash['conf_file']) do it { is_expected.to be_file } it { is_expected.to contain 'HostnameLookups On' } end describe 'setup' do it 'applies cleanly' do pp = "class { 'apache': hostname_lookups => 'Off' }" apply_manifest(pp, catch_failures: true) end end describe file(apache_hash['conf_file']) do it { is_expected.to be_file } it { is_expected.to contain 'HostnameLookups Off' } end describe 'setup' do it 'applies cleanly' do pp = "class { 'apache': hostname_lookups => 'Double' }" apply_manifest(pp, catch_failures: true) end end describe file(apache_hash['conf_file']) do it { is_expected.to be_file } it { is_expected.to contain 'HostnameLookups Double' } end end describe 'trace_enable' do pp = <<-MANIFEST class { 'apache': trace_enable => 'Off', } MANIFEST it 'applys cleanly' do apply_manifest(pp, catch_failures: true) end describe file(apache_hash['conf_file']) do it { is_expected.to be_file } it { is_expected.to contain 'TraceEnable Off' } end end describe 'file_e_tag' do pp = <<-MANIFEST class { 'apache': file_e_tag => 'None', } MANIFEST it 'applys cleanly' do apply_manifest(pp, catch_failures: true) end describe file(apache_hash['conf_file']) do it { is_expected.to be_file } it { is_expected.to contain 'FileETag None' } end end describe 'package_ensure' do pp = <<-MANIFEST class { 'apache': package_ensure => present, } MANIFEST it 'applys cleanly' do apply_manifest(pp, catch_failures: true) end describe package(apache_hash['package_name']) do it { is_expected.to be_installed } end end end diff --git a/spec/acceptance/apache_ssl_spec.rb b/spec/acceptance/apache_ssl_spec.rb index c67afcd8..416b31f7 100644 --- a/spec/acceptance/apache_ssl_spec.rb +++ b/spec/acceptance/apache_ssl_spec.rb @@ -1,158 +1,160 @@ +# frozen_string_literal: true + require 'spec_helper_acceptance' apache_hash = apache_settings_hash describe 'apache ssl' do describe 'ssl parameters' do pp = <<-MANIFEST class { 'apache': service_ensure => stopped, default_ssl_vhost => true, default_ssl_cert => '/tmp/ssl_cert', default_ssl_key => '/tmp/ssl_key', default_ssl_chain => '/tmp/ssl_chain', default_ssl_ca => '/tmp/ssl_ca', default_ssl_crl_path => '/tmp/ssl_crl_path', default_ssl_crl => '/tmp/ssl_crl', default_ssl_crl_check => 'chain', } MANIFEST it 'runs without error' do idempotent_apply(pp) end describe file("#{apache_hash['mod_ssl_dir']}/ssl.conf") do it { is_expected.to be_file } - if os[:family] =~ %r{redhat} && os[:release].to_i == 8 + if os[:family].include?('redhat') && os[:release].to_i == 8 it { is_expected.to contain 'SSLProtocol all' } else it { is_expected.to contain 'SSLProtocol all -SSLv2 -SSLv3' } end end describe file("#{apache_hash['vhost_dir']}/15-default-ssl.conf") do it { is_expected.to be_file } it { is_expected.to contain 'SSLCertificateFile "/tmp/ssl_cert"' } it { is_expected.to contain 'SSLCertificateKeyFile "/tmp/ssl_key"' } it { is_expected.to contain 'SSLCertificateChainFile "/tmp/ssl_chain"' } it { is_expected.to contain 'SSLCACertificateFile "/tmp/ssl_ca"' } it { is_expected.to contain 'SSLCARevocationPath "/tmp/ssl_crl_path"' } it { is_expected.to contain 'SSLCARevocationFile "/tmp/ssl_crl"' } if apache_hash['version'] == '2.4' it { is_expected.to contain 'SSLCARevocationCheck chain' } else it { is_expected.not_to contain 'SSLCARevocationCheck' } end end end describe 'vhost ssl parameters' do pp = <<-MANIFEST class { 'apache': service_ensure => stopped, } apache::vhost { 'test_ssl': docroot => '/tmp/test', ssl => true, ssl_cert => '/tmp/ssl_cert', ssl_key => '/tmp/ssl_key', ssl_chain => '/tmp/ssl_chain', ssl_ca => '/tmp/ssl_ca', ssl_crl_path => '/tmp/ssl_crl_path', ssl_crl => '/tmp/ssl_crl', ssl_crl_check => 'chain flag', ssl_certs_dir => '/tmp', ssl_protocol => 'test', ssl_cipher => 'test', ssl_honorcipherorder => 'test', ssl_verify_client => 'require', ssl_verify_depth => 'test', ssl_options => ['test', 'test1'], ssl_proxyengine => true, ssl_proxy_protocol => 'TLSv1.2', } MANIFEST it 'runs without error' do idempotent_apply(pp) end describe file("#{apache_hash['vhost_dir']}/25-test_ssl.conf") do it { is_expected.to be_file } it { is_expected.to contain 'SSLCertificateFile "/tmp/ssl_cert"' } it { is_expected.to contain 'SSLCertificateKeyFile "/tmp/ssl_key"' } it { is_expected.to contain 'SSLCertificateChainFile "/tmp/ssl_chain"' } it { is_expected.to contain 'SSLCACertificateFile "/tmp/ssl_ca"' } it { is_expected.to contain 'SSLCACertificatePath "/tmp"' } it { is_expected.to contain 'SSLCARevocationPath "/tmp/ssl_crl_path"' } it { is_expected.to contain 'SSLCARevocationFile "/tmp/ssl_crl"' } it { is_expected.to contain 'SSLProxyEngine On' } it { is_expected.to contain 'SSLProtocol test' } it { is_expected.to contain 'SSLCipherSuite test' } it { is_expected.to contain 'SSLHonorCipherOrder test' } it { is_expected.to contain 'SSLVerifyClient require' } it { is_expected.to contain 'SSLVerifyDepth test' } it { is_expected.to contain 'SSLOptions test test1' } if apache_hash['version'] == '2.4' it { is_expected.to contain 'SSLCARevocationCheck chain flag' } else it { is_expected.not_to contain 'SSLCARevocationCheck' } end end end describe 'vhost ssl ssl_ca only' do pp = <<-MANIFEST class { 'apache': service_ensure => stopped, } apache::vhost { 'test_ssl_ca_only': docroot => '/tmp/test', ssl => true, ssl_cert => '/tmp/ssl_cert', ssl_key => '/tmp/ssl_key', ssl_ca => '/tmp/ssl_ca', ssl_verify_client => 'optional', } MANIFEST it 'runs without error' do idempotent_apply(pp) end describe file("#{apache_hash['vhost_dir']}/25-test_ssl_ca_only.conf") do it { is_expected.to be_file } it { is_expected.to contain 'SSLCertificateFile "/tmp/ssl_cert"' } it { is_expected.to contain 'SSLCertificateKeyFile "/tmp/ssl_key"' } it { is_expected.to contain 'SSLCACertificateFile "/tmp/ssl_ca"' } it { is_expected.not_to contain 'SSLCACertificatePath' } end end describe 'vhost ssl ssl_certs_dir' do pp = <<-MANIFEST class { 'apache': service_ensure => stopped, } apache::vhost { 'test_ssl_certs_dir_only': docroot => '/tmp/test', ssl => true, ssl_cert => '/tmp/ssl_cert', ssl_key => '/tmp/ssl_key', ssl_certs_dir => '/tmp', ssl_verify_client => 'require', } MANIFEST it 'runs without error' do idempotent_apply(pp) end describe file("#{apache_hash['vhost_dir']}/25-test_ssl_certs_dir_only.conf") do it { is_expected.to be_file } it { is_expected.to contain 'SSLCertificateFile "/tmp/ssl_cert"' } it { is_expected.to contain 'SSLCertificateKeyFile "/tmp/ssl_key"' } it { is_expected.to contain 'SSLCACertificatePath "/tmp"' } it { is_expected.to contain 'SSLVerifyClient require' } it { is_expected.not_to contain 'SSLCACertificateFile' } end end end diff --git a/spec/acceptance/class_spec.rb b/spec/acceptance/class_spec.rb index 1a6deac8..3a204e5f 100644 --- a/spec/acceptance/class_spec.rb +++ b/spec/acceptance/class_spec.rb @@ -1,83 +1,85 @@ +# frozen_string_literal: true + require 'spec_helper_acceptance' apache_hash = apache_settings_hash describe 'apache class' do context 'default parameters' do let(:pp) { "class { 'apache': }" } it 'behaves idempotently' do idempotent_apply(pp) end describe 'apache_version fact' do let(:result) do apply_manifest('include apache', catch_failures: true) version_check_pp = <<-MANIFEST notice("apache_version = >${apache_version}<") MANIFEST apply_manifest(version_check_pp, catch_failures: true) end it { expect(result.stdout).to match(%r{apache_version = >#{apache_hash['version']}.*<}) } end describe package(apache_hash['package_name']) do it { is_expected.to be_installed } end describe service(apache_hash['service_name']), skip: 'FM-8483' do it { is_expected.to be_enabled } it { is_expected.to be_running } end describe port(80) do it { is_expected.to be_listening } end end context 'custom site/mod dir parameters' do let(:pp) do <<-MANIFEST if $::osfamily == 'RedHat' and "$::selinux" == "true" { $semanage_package = $::operatingsystemmajrelease ? { '5' => 'policycoreutils', '8' => 'policycoreutils-python-utils', default => 'policycoreutils-python', } package { $semanage_package: ensure => installed } exec { 'set_apache_defaults': command => 'semanage fcontext -a -t httpd_sys_content_t "/apache_spec(/.*)?"', path => '/bin:/usr/bin/:/sbin:/usr/sbin', subscribe => Package[$semanage_package], refreshonly => true, } exec { 'restorecon_apache': command => 'restorecon -Rv /apache_spec', path => '/bin:/usr/bin/:/sbin:/usr/sbin', before => Service['httpd'], require => Class['apache'], subscribe => Exec['set_apache_defaults'], refreshonly => true, } } file { '/apache_spec': ensure => directory, } file { '/apache_spec/apache_custom': ensure => directory, } class { 'apache': mod_dir => '/apache_spec/apache_custom/mods', vhost_dir => '/apache_spec/apache_custom/vhosts', } MANIFEST end it 'behaves idempotently' do idempotent_apply(pp) end describe service(apache_hash['service_name']), skip: 'FM-8483' do it { is_expected.to be_enabled } it { is_expected.to be_running } end end end diff --git a/spec/acceptance/custom_config_spec.rb b/spec/acceptance/custom_config_spec.rb index 52b58fe1..94754240 100644 --- a/spec/acceptance/custom_config_spec.rb +++ b/spec/acceptance/custom_config_spec.rb @@ -1,90 +1,92 @@ +# frozen_string_literal: true + require 'spec_helper_acceptance' apache_hash = apache_settings_hash describe 'apache::custom_config define' do context 'invalid config' do pp = <<-MANIFEST class { 'apache': } apache::custom_config { 'acceptance_test': content => 'INVALID', } MANIFEST it 'does not add the config' do apply_manifest(pp, expect_failures: true) end describe file("#{apache_hash['confd_dir']}/25-acceptance_test.conf") do it { expect(file).not_to exist } end end context 'valid config' do pp = <<-MANIFEST class { 'apache': } apache::custom_config { 'acceptance_test': content => '# just a comment', } MANIFEST it 'adds the config' do apply_manifest(pp, catch_failures: true) end describe file("#{apache_hash['confd_dir']}/25-acceptance_test.conf") do it { is_expected.to contain '# just a comment' } end end context 'with a custom filename' do pp = <<-MANIFEST class { 'apache': } apache::custom_config { 'filename_test': filename => 'custom_filename', content => '# just another comment', } MANIFEST it 'stores content in the described file' do apply_manifest(pp, catch_failures: true) end describe file("#{apache_hash['confd_dir']}/custom_filename") do it { is_expected.to contain '# just another comment' } end end describe 'custom_config without priority prefix' do pp = <<-MANIFEST class { 'apache': } apache::custom_config { 'prefix_test': priority => false, content => '# just a comment', } MANIFEST it 'applies cleanly' do apply_manifest(pp, catch_failures: true) end describe file("#{apache_hash['confd_dir']}/prefix_test.conf") do it { is_expected.to be_file } end end describe 'custom_config only applied after configs are written' do pp = <<-MANIFEST class { 'apache': } apache::custom_config { 'ordering_test': content => '# just a comment', } # Try to wedge the apache::custom_config call between when httpd.conf is written and # ports.conf is written. This should trigger a dependency cycle File["#{apache_hash['conf_file']}"] -> Apache::Custom_config['ordering_test'] -> Concat["#{apache_hash['ports_file']}"] MANIFEST it 'applies in the right order' do expect(apply_manifest(pp, expect_failures: true).stderr).to match(%r{Found 1 dependency cycle}i) end describe file("#{apache_hash['confd_dir']}/25-ordering_test.conf") do it { is_expected.not_to be_file } end end end diff --git a/spec/acceptance/default_mods_spec.rb b/spec/acceptance/default_mods_spec.rb index 4093ec0b..8653aafd 100644 --- a/spec/acceptance/default_mods_spec.rb +++ b/spec/acceptance/default_mods_spec.rb @@ -1,117 +1,119 @@ +# frozen_string_literal: true + require 'spec_helper_acceptance' apache_hash = apache_settings_hash describe 'apache::default_mods class' do describe 'no default mods' do # Using puppet_apply as a helper let(:pp) do <<-MANIFEST class { 'apache': default_mods => false, } MANIFEST end it 'behaves idempotently' do idempotent_apply(pp) end describe service(apache_hash['service_name']), skip: 'FM-8483' do it { is_expected.to be_running } end end unless os[:family] == 'sles' && os[:release].to_i >= 12 describe 'no default mods and failing' do before :all do pp = <<-PP include apache::params class { 'apache': default_mods => false, service_ensure => stopped, } PP apply_manifest(pp) end # Using puppet_apply as a helper pp = <<-MANIFEST class { 'apache': default_mods => false, } apache::vhost { 'defaults.example.com': docroot => '#{apache_hash['doc_root']}/defaults', aliases => { alias => '/css', path => '#{apache_hash['doc_root']}/css', }, directories => [ { 'path' => "#{apache_hash['doc_root']}/admin", 'auth_basic_fake' => 'demo demopass', } ], setenv => 'TEST1 one', } MANIFEST it 'applies with errors' do apply_manifest(pp, expect_failures: true) end end describe service(apache_hash['service_name']), skip: 'FM-8483' do it { is_expected.not_to be_running } end end describe 'alternative default mods' do # Using puppet_apply as a helper let(:pp) do <<-MANIFEST class { 'apache': default_mods => [ 'info', 'alias', 'mime', 'env', 'expires', ], } apache::vhost { 'defaults.example.com': docroot => '#{apache_hash['doc_root']}/defaults', aliases => { alias => '/css', path => '#{apache_hash['doc_root']}/css', }, setenv => 'TEST1 one', } MANIFEST end it 'behaves idempotently' do idempotent_apply(pp) end describe service(apache_hash['service_name']), skip: 'FM-8483' do it { is_expected.to be_running } end end describe 'change loadfile name' do let(:pp) do <<-MANIFEST class { 'apache': default_mods => false } ::apache::mod { 'auth_basic': loadfile_name => 'zz_auth_basic.load', } MANIFEST end it 'behaves idempotently' do idempotent_apply(pp) end describe service(apache_hash['service_name']), skip: 'FM-8483' do it { is_expected.to be_running } end describe file("#{apache_hash['mod_dir']}/zz_auth_basic.load") do it { is_expected.to be_file } end end end diff --git a/spec/acceptance/init_task_spec.rb b/spec/acceptance/init_task_spec.rb index 3405c62d..bfe8c34b 100644 --- a/spec/acceptance/init_task_spec.rb +++ b/spec/acceptance/init_task_spec.rb @@ -1,18 +1,20 @@ +# frozen_string_literal: true + require 'spec_helper_acceptance' describe 'apache tasks' do describe 'reload' do pp = <<-MANIFEST class { 'apache': default_vhost => false, } apache::listen { '9090':} MANIFEST it 'execute reload' do apply_manifest(pp, catch_failures: true) result = run_bolt_task('apache', 'action' => 'reload') expect(result.stdout).to contain(%(reload successful)) end end end diff --git a/spec/acceptance/itk_spec.rb b/spec/acceptance/itk_spec.rb index 9efe7f45..2283e00b 100644 --- a/spec/acceptance/itk_spec.rb +++ b/spec/acceptance/itk_spec.rb @@ -1,48 +1,50 @@ +# frozen_string_literal: true + require 'spec_helper_acceptance' case os[:family] when 'debian', 'ubuntu' service_name = 'apache2' variant = :prefork when 'redhat' - unless os[:release] =~ %r{^5} + unless %r{^5}.match?(os[:release]) variant = (os[:release].to_i >= 7) ? :prefork : :itk_only service_name = 'httpd' end when 'freebsd' service_name = 'apache24' variant = :prefork end # IAC-787: The http-itk mod package is not available in any of the standard RHEL/CentOS 8.x repos. Disable this test # on those platforms until we can find a suitable source for this package. describe 'apache::mod::itk class', if: service_name && mod_supported_on_platform?('apache::mod::itk') do describe 'running puppet code' do let(:pp) do case variant when :prefork <<-MANIFEST class { 'apache': mpm_module => 'prefork', } class { 'apache::mod::itk': } MANIFEST when :itk_only <<-MANIFEST class { 'apache': mpm_module => 'itk', } MANIFEST end end it 'behaves idempotently' do idempotent_apply(pp) end end describe service(service_name), skip: 'FM-8483' do it { is_expected.to be_running } it { is_expected.to be_enabled } end end diff --git a/spec/acceptance/mod_apreq2_spec.rb b/spec/acceptance/mod_apreq2_spec.rb index 19c14ca7..0708ea70 100644 --- a/spec/acceptance/mod_apreq2_spec.rb +++ b/spec/acceptance/mod_apreq2_spec.rb @@ -1,13 +1,15 @@ +# frozen_string_literal: true + require 'spec_helper_acceptance' _apache_hash = apache_settings_hash describe 'apache::mod::apreq2', if: mod_supported_on_platform?('apache::mod::apreq2') do pp = <<-MANIFEST class { 'apache' : } class { 'apache::mod::apreq2': } MANIFEST it 'succeeds in installing the mod_authnz_apreq2 module' do apply_manifest(pp, catch_failures: true) end end diff --git a/spec/acceptance/mod_authnz_ldap_spec.rb b/spec/acceptance/mod_authnz_ldap_spec.rb index be4bbb7b..ef59b6a5 100644 --- a/spec/acceptance/mod_authnz_ldap_spec.rb +++ b/spec/acceptance/mod_authnz_ldap_spec.rb @@ -1,44 +1,46 @@ +# frozen_string_literal: true + require 'spec_helper_acceptance' apache_hash = apache_settings_hash # We need to restrict this test to RHEL 7.x, 8.x derived OSs as there are too many unique # dependency issues to solve on all supported platforms. describe 'apache::mod::authnz_ldap', if: mod_supported_on_platform?('apache::mod::authnz_ldap') do before(:each) do if os[:family] == 'redhat' run_shell('yum clean all') # To clear some issues when configuring EPEL / Optional repos run_shell('dnf install https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm -y') if os[:release].to_i == 8 end end context 'Default mod_authnz_ldap module installation' do pp = if run_shell("grep 'Oracle Linux Server' /etc/os-release", expect_failures: true).exit_status == 0 <<-MANIFEST yumrepo { 'ol7_optional_latest': name => 'ol7_optional_latest', baseurl => 'https://yum.oracle.com/repo/OracleLinux/OL7/optional/latest/x86_64/', gpgkey => 'file:///etc/pki/rpm-gpg/RPM-GPG-KEY-oracle', gpgcheck => 1, enabled => 1, } class { 'apache': } class { 'apache::mod::authnz_ldap': } MANIFEST else <<-MANIFEST package { 'epel-release': ensure => present, } class { 'apache': } class { 'apache::mod::authnz_ldap': } MANIFEST end it 'succeeds in installing the mod_authnz_ldap module' do apply_manifest(pp, catch_failures: true) end describe file("#{apache_hash['mod_dir']}/authnz_ldap.load") do it { is_expected.to contain 'mod_authnz_ldap.so' } end end end diff --git a/spec/acceptance/mod_ldap_spec.rb b/spec/acceptance/mod_ldap_spec.rb index 0fabfe6b..2924046a 100644 --- a/spec/acceptance/mod_ldap_spec.rb +++ b/spec/acceptance/mod_ldap_spec.rb @@ -1,19 +1,21 @@ +# frozen_string_literal: true + require 'spec_helper_acceptance' apache_hash = apache_settings_hash describe 'apache::mod::ldap', if: mod_supported_on_platform?('apache::mod::ldap') do context 'Default ldap module installation' do pp = <<-MANIFEST class { 'apache': } class { 'apache::mod::ldap': } MANIFEST it 'succeeds in installing the ldap module' do apply_manifest(pp, catch_failures: true) end describe file("#{apache_hash['mod_dir']}/ldap.load") do it { is_expected.to contain 'mod_ldap.so' } end end end diff --git a/spec/acceptance/mod_md_spec.rb b/spec/acceptance/mod_md_spec.rb index 5bf0c1dc..047c7c51 100644 --- a/spec/acceptance/mod_md_spec.rb +++ b/spec/acceptance/mod_md_spec.rb @@ -1,18 +1,20 @@ +# frozen_string_literal: true + require 'spec_helper_acceptance' describe 'apache::mod::md', if: mod_supported_on_platform?('apache::mod::md') do pp = <<-MANIFEST class { 'apache': } apache::vhost { 'example.com': docroot => '/var/www/example.com', port => 443, ssl => true, mdomain => true, } MANIFEST it 'succeeds in configuring a virtual host using mod_md' do apply_manifest(pp, catch_failures: true) end end diff --git a/spec/acceptance/mod_php_spec.rb b/spec/acceptance/mod_php_spec.rb index ab660f95..b95f7385 100644 --- a/spec/acceptance/mod_php_spec.rb +++ b/spec/acceptance/mod_php_spec.rb @@ -1,87 +1,89 @@ +# frozen_string_literal: true + require 'spec_helper_acceptance' apache_hash = apache_settings_hash describe 'apache::mod::php class', if: mod_supported_on_platform?('apache::mod::php') do context 'default php config' do pp = <<-MANIFEST class { 'apache': mpm_module => 'prefork', } class { 'apache::mod::php': } apache::vhost { 'php.example.com': port => '80', docroot => '#{apache_hash['doc_root']}/php', } host { 'php.example.com': ip => '127.0.0.1', } file { '#{apache_hash['doc_root']}/php/index.php': ensure => file, content => "\\n", } MANIFEST it 'succeeds in puppeting php' do apply_manifest(pp, catch_failures: true) end if (os[:family] == 'ubuntu' && os[:release] == '16.04') || - (os[:family] == 'debian' && os[:release] =~ %r{9}) + (os[:family] == 'debian' && os[:release] =~ %r{^9\.}) describe file("#{apache_hash['mod_dir']}/php7.0.conf") do it { is_expected.to contain 'DirectoryIndex index.php' } end - elsif os[:family] == 'debian' && os[:release] =~ %r{10} + elsif os[:family] == 'debian' && os[:release] =~ %r{^10\.} describe file("#{apache_hash['mod_dir']}/php7.3.conf") do it { is_expected.to contain 'DirectoryIndex index.php' } end elsif os[:family] == 'ubuntu' && os[:release] == '18.04' describe file("#{apache_hash['mod_dir']}/php7.2.conf") do it { is_expected.to contain 'DirectoryIndex index.php' } end elsif os[:family] == 'ubuntu' && os[:release] == '20.04' describe file("#{apache_hash['mod_dir']}/php7.4.conf") do it { is_expected.to contain 'DirectoryIndex index.php' } end - elsif os[:family] == 'redhat' && os[:release] =~ %r{^8} + elsif os[:family] == 'redhat' && os[:release] =~ %r{^8\.} describe file("#{apache_hash['mod_dir']}/php7.conf") do it { is_expected.to contain 'DirectoryIndex index.php' } end else describe file("#{apache_hash['mod_dir']}/php5.conf") do it { is_expected.to contain 'DirectoryIndex index.php' } end end end context 'custom extensions, php_flag, php_value, php_admin_flag, and php_admin_value' do pp = <<-MANIFEST class { 'apache': mpm_module => 'prefork', } class { 'apache::mod::php': extensions => ['.php','.php5'], } apache::vhost { 'php.example.com': port => '80', docroot => '#{apache_hash['doc_root']}/php', php_values => { 'include_path' => '.:/usr/share/pear:/usr/bin/php', }, php_flags => { 'display_errors' => 'on', }, php_admin_values => { 'open_basedir' => '/var/www/php/:/usr/share/pear/', }, php_admin_flags => { 'engine' => 'on', }, } host { 'php.example.com': ip => '127.0.0.1', } file { '#{apache_hash['doc_root']}/php/index.php5': ensure => file, content => "\\n", } MANIFEST it 'succeeds in puppeting php' do apply_manifest(pp, catch_failures: true) end describe file("#{apache_hash['vhost_dir']}/25-php.example.com.conf") do it { is_expected.to contain ' php_flag display_errors on' } it { is_expected.to contain ' php_value include_path ".:/usr/share/pear:/usr/bin/php"' } it { is_expected.to contain ' php_admin_flag engine on' } it { is_expected.to contain ' php_admin_value open_basedir /var/www/php/:/usr/share/pear/' } end end end diff --git a/spec/acceptance/prefork_worker_spec.rb b/spec/acceptance/prefork_worker_spec.rb index 6b64d19c..d6bc2239 100644 --- a/spec/acceptance/prefork_worker_spec.rb +++ b/spec/acceptance/prefork_worker_spec.rb @@ -1,67 +1,69 @@ +# frozen_string_literal: true + require 'spec_helper_acceptance' apache_hash = apache_settings_hash describe 'prefork_worker_spec.rb', if: mod_supported_on_platform?('apache::mod::event') do describe 'apache::mod::event class' do describe 'running puppet code' do let(:pp) do <<-MANIFEEST class { 'apache': mpm_module => 'event', } MANIFEEST end it 'behaves idempotently' do idempotent_apply(pp) end end describe service(apache_hash['service_name']), skip: 'FM-8483' do it { is_expected.to be_running } it { is_expected.to be_enabled } end end describe 'apache::mod::worker class' do describe 'running puppet code' do let(:pp) do <<-MANIFEEST class { 'apache': mpm_module => 'worker', } MANIFEEST end it 'behaves idempotently' do idempotent_apply(pp) end end describe service(apache_hash['service_name']), skip: 'FM-8483' do it { is_expected.to be_running } it { is_expected.to be_enabled } end end describe 'apache::mod::prefork class' do describe 'running puppet code' do # Using puppet_apply as a helper let(:pp) do <<-MANIFEEST class { 'apache': mpm_module => 'prefork', } MANIFEEST end it 'behaves idempotently' do idempotent_apply(pp) end end describe service(apache_hash['service_name']), skip: 'FM-8483' do it { is_expected.to be_running } it { is_expected.to be_enabled } end end end diff --git a/spec/acceptance/service_spec.rb b/spec/acceptance/service_spec.rb index bcb204c5..d4442fe2 100644 --- a/spec/acceptance/service_spec.rb +++ b/spec/acceptance/service_spec.rb @@ -1,19 +1,21 @@ +# frozen_string_literal: true + require 'spec_helper_acceptance' describe 'apache::service class' do describe 'adding dependencies in between the base class and service class' do let(:pp) do <<-MANIFEST class { 'apache': } file { '/tmp/test': require => Class['apache'], notify => Class['apache::service'], } MANIFEST end it 'behaves idempotently' do idempotent_apply(pp) end end end diff --git a/spec/acceptance/vhost_spec.rb b/spec/acceptance/vhost_spec.rb index 888376e0..1b8250c0 100644 --- a/spec/acceptance/vhost_spec.rb +++ b/spec/acceptance/vhost_spec.rb @@ -1,1290 +1,1292 @@ +# frozen_string_literal: true + require 'spec_helper_acceptance' apache_hash = apache_settings_hash describe 'apache::vhost define' do context 'no default vhosts' do pp = <<-MANIFEST class { 'apache': default_vhost => false, default_ssl_vhost => false, service_ensure => stopped, } if ($::osfamily == 'Suse' and $::operatingsystemrelease < '15') { exec { '/usr/bin/gensslcert': require => Class['apache'], } } elsif ($::osfamily == 'Suse' and $::operatingsystemrelease >= '15') { # In SLES 15, if not given a name, gensslcert defaults the name to be the hostname exec { '/usr/bin/gensslcert -n default': require => Class['apache'], } } MANIFEST it 'creates no default vhosts' do apply_manifest(pp, catch_failures: true) end describe file("#{apache_hash['vhost_dir']}/15-default.conf") do it { is_expected.not_to be_file } end describe file("#{apache_hash['vhost_dir']}/15-default-ssl.conf") do it { is_expected.not_to be_file } end end context 'default vhost without ssl' do pp = <<-MANIFEST class { 'apache': } MANIFEST it 'creates a default vhost config' do apply_manifest(pp, catch_failures: true) end describe file("#{apache_hash['vhost_dir']}/15-default.conf") do it { is_expected.to contain '' } end describe file("#{apache_hash['vhost_dir']}/15-default-ssl.conf") do it { is_expected.not_to be_file } end end - context 'default vhost with ssl', unless: (os[:family] =~ %r{redhat} && os[:release].to_i == 8) do + context 'default vhost with ssl', unless: (os[:family].include?('redhat') && os[:release].to_i == 8) do pp = <<-MANIFEST file { '#{apache_hash['run_dir']}': ensure => 'directory', recurse => true, } class { 'apache': default_ssl_vhost => true, require => File['#{apache_hash['run_dir']}'], } MANIFEST it 'creates default vhost configs' do apply_manifest(pp, catch_failures: true) end describe file("#{apache_hash['vhost_dir']}/15-default.conf") do it { is_expected.to contain '' } end describe file("#{apache_hash['vhost_dir']}/15-default-ssl.conf") do it { is_expected.to contain '' } it { is_expected.to contain 'SSLEngine on' } end end context 'new vhost on port 80' do pp = <<-MANIFEST class { 'apache': } file { '/var/www': ensure => 'directory', recurse => true, } apache::vhost { 'first.example.com': port => '80', docroot => '/var/www/first', require => File['/var/www'], } MANIFEST it 'configures an apache vhost' do apply_manifest(pp, catch_failures: true) end describe file("#{apache_hash['vhost_dir']}/25-first.example.com.conf") do it { is_expected.to contain '' } it { is_expected.to contain 'ServerName first.example.com' } end end context 'new proxy vhost on port 80' do pp = <<-MANIFEST class { 'apache': } apache::vhost { 'proxy.example.com': port => '80', docroot => '/var/www/proxy', proxy_pass => [ { 'path' => '/foo', 'url' => 'http://backend-foo/'}, ], proxy_preserve_host => true, proxy_error_override => true, } MANIFEST it 'configures an apache proxy vhost' do apply_manifest(pp, catch_failures: true) end describe file("#{apache_hash['vhost_dir']}/25-proxy.example.com.conf") do it { is_expected.to contain '' } it { is_expected.to contain 'ServerName proxy.example.com' } it { is_expected.to contain 'ProxyPass' } it { is_expected.to contain 'ProxyPreserveHost On' } it { is_expected.to contain 'ProxyErrorOverride On' } it { is_expected.not_to contain 'ProxyAddHeaders' } it { is_expected.not_to contain "" } end end context 'new proxy vhost on port 80' do pp = <<-MANIFEST class { 'apache': } apache::vhost { 'proxy.example.com': port => '80', docroot => '#{apache_hash['doc_root']}/proxy', proxy_pass_match => [ { 'path' => '/foo', 'url' => 'http://backend-foo/'}, ], proxy_preserve_host => true, proxy_error_override => true, } MANIFEST it 'configures an apache proxy vhost' do apply_manifest(pp, catch_failures: true) end describe file("#{apache_hash['vhost_dir']}/25-proxy.example.com.conf") do it { is_expected.to contain '' } it { is_expected.to contain 'ServerName proxy.example.com' } it { is_expected.to contain 'ProxyPassMatch /foo http://backend-foo/' } it { is_expected.to contain 'ProxyPreserveHost On' } it { is_expected.to contain 'ProxyErrorOverride On' } it { is_expected.not_to contain 'ProxyAddHeaders' } it { is_expected.not_to contain "" } end end context 'new vhost with multiple IP addresses on multiple ports' do pp = <<-MANIFEST class { 'apache': default_vhost => false, } apache::vhost { 'example.com': port => ['80', '8080'], ip => ['127.0.0.1','127.0.0.2'], ip_based => true, docroot => '/var/www/html', } host { 'host1.example.com': ip => '127.0.0.1', } host { 'host2.example.com': ip => '127.0.0.2', } file { '/var/www/html/index.html': ensure => file, content => "Hello from vhost\\n", } MANIFEST it 'configures one apache vhost with 2 ip addresses and 2 ports' do apply_manifest(pp, catch_failures: true) end describe service(apache_hash['service_name']), skip: 'FM-8483' do it { is_expected.to be_enabled } it { is_expected.to be_running } end describe file("#{apache_hash['vhost_dir']}/25-example.com.conf") do it { is_expected.to contain '' } it { is_expected.to contain 'ServerName example.com' } end describe file(apache_hash['ports_file']) do it { is_expected.to be_file } it { is_expected.to contain 'Listen 127.0.0.1:80' } it { is_expected.to contain 'Listen 127.0.0.1:8080' } it { is_expected.to contain 'Listen 127.0.0.2:80' } it { is_expected.to contain 'Listen 127.0.0.2:8080' } it { is_expected.not_to contain 'NameVirtualHost 127.0.0.1:80' } it { is_expected.not_to contain 'NameVirtualHost 127.0.0.1:8080' } it { is_expected.not_to contain 'NameVirtualHost 127.0.0.2:80' } it { is_expected.not_to contain 'NameVirtualHost 127.0.0.2:8080' } end it 'answers to host1.example.com port 80' do run_shell('/usr/bin/curl host1.example.com:80', acceptable_exit_codes: 0) do |r| expect(r.stdout).to eq("Hello from vhost\n") end end it 'answers to host1.example.com port 8080' do run_shell('/usr/bin/curl host1.example.com:8080', acceptable_exit_codes: 0) do |r| expect(r.stdout).to eq("Hello from vhost\n") end end it 'answers to host2.example.com port 80' do run_shell('/usr/bin/curl host2.example.com:80', acceptable_exit_codes: 0) do |r| expect(r.stdout).to eq("Hello from vhost\n") end end it 'answers to host2.example.com port 8080' do run_shell('/usr/bin/curl host2.example.com:8080', acceptable_exit_codes: 0) do |r| expect(r.stdout).to eq("Hello from vhost\n") end end end context 'new vhost with IPv6 address on port 80', :ipv6 do pp = <<-MANIFEST class { 'apache': default_vhost => false, } apache::vhost { 'example.com': port => '80', ip => '::1', ip_based => true, docroot => '/var/www/html', } host { 'ipv6.example.com': ip => '::1', } file { '/var/www/html/index.html': ensure => file, content => "Hello from vhost\\n", } MANIFEST it 'configures one apache vhost with an ipv6 address' do apply_manifest(pp, catch_failures: true) end describe service(apache_hash['service_name']), skip: 'FM-8483' do it { is_expected.to be_enabled } it { is_expected.to be_running } end describe file("#{apache_hash['vhost_dir']}/25-example.com.conf") do it { is_expected.to contain '' } it { is_expected.to contain 'ServerName example.com' } end describe file(apache_hash['ports_file']) do it { is_expected.to be_file } it { is_expected.to contain 'Listen [::1]:80' } it { is_expected.not_to contain 'NameVirtualHost [::1]:80' } end it 'answers to ipv6.example.com' do run_shell('/usr/bin/curl ipv6.example.com:80', acceptable_exit_codes: 0) do |r| expect(r.stdout).to eq("Hello from vhost\n") end end end context 'apache_directories' do let(:pp) do <<-MANIFEST class { 'apache': } if versioncmp('#{apache_hash['version']}', '2.4') >= 0 { $_files_match_directory = { 'path' => '(\.swp|\.bak|~)$', 'provider' => 'filesmatch', 'require' => 'all denied', } } else { $_files_match_directory = { 'path' => '(\.swp|\.bak|~)$', 'provider' => 'filesmatch', 'deny' => 'from all', } } $_directories = [ { 'path' => '/var/www/files', }, $_files_match_directory, ] apache::vhost { 'files.example.net': docroot => '/var/www/files', directories => $_directories, } file { '/var/www/files/index.html': ensure => file, content => "Hello World\\n", } file { '/var/www/files/index.html.bak': ensure => file, content => "Hello World\\n", } host { 'files.example.net': ip => '127.0.0.1', } MANIFEST end describe 'readme example, adapted' do it 'configures a vhost with Files' do apply_manifest(pp, catch_failures: true) end describe service(apache_hash['service_name']), skip: 'FM-8483' do it { is_expected.to be_enabled } it { is_expected.to be_running } end it 'answers to files.example.net #stdout' do expect(run_shell('/usr/bin/curl -sSf files.example.net:80/index.html').stdout).to eq("Hello World\n") end it 'answers to files.example.net #stderr' do result = run_shell('/usr/bin/curl -sSf files.example.net:80/index.html.bak', expect_failures: true) expect(result.stderr).to match(%r{curl: \(22\) The requested URL returned error: 403}) expect(result.exit_code).to eq 22 end end describe 'other Directory options' do pp_one = <<-MANIFEST class { 'apache': } if versioncmp($apache_version, '2.4') >= 0 { $_files_match_directory = { 'path' => 'private.html$', 'provider' => 'filesmatch', 'require' => 'all denied' } } else { $_files_match_directory = [ { 'path' => 'private.html$', 'provider' => 'filesmatch', 'deny' => 'from all' }, { 'path' => '/bar/bar.html', 'provider' => 'location', allow => [ 'from 127.0.0.1', ] }, ] } $_directories = [ { 'path' => '/var/www/files', }, { 'path' => '/foo/', 'provider' => 'location', 'directoryindex' => 'notindex.html', }, $_files_match_directory, ] apache::vhost { 'files.example.net': docroot => '/var/www/files', directories => $_directories, } file { '/var/www/files/foo': ensure => directory, } file { '/var/www/files/foo/notindex.html': ensure => file, content => "Hello Foo\\n", } file { '/var/www/files/private.html': ensure => file, content => "Hello World\\n", } file { '/var/www/files/bar': ensure => directory, } file { '/var/www/files/bar/bar.html': ensure => file, content => "Hello Bar\\n", } host { 'files.example.net': ip => '127.0.0.1', } MANIFEST it 'configures a vhost with multiple Directory sections' do apply_manifest(pp_one, catch_failures: true) end describe service(apache_hash['service_name']), skip: 'FM-8483' do it { is_expected.to be_enabled } it { is_expected.to be_running } end it 'answers to files.example.net #stdout' do expect(run_shell('/usr/bin/curl -sSf files.example.net:80/').stdout).to eq("Hello World\n") end it 'answers to files.example.net #stdout foo' do expect(run_shell('/usr/bin/curl -sSf files.example.net:80/foo/').stdout).to eq("Hello Foo\n") end it 'answers to files.example.net #stderr' do result = run_shell('/usr/bin/curl -sSf files.example.net:80/private.html', expect_failures: true) expect(result.stderr).to match(%r{curl: \(22\) The requested URL returned error: 403}) expect(result.exit_code).to eq 22 end it 'answers to files.example.net #stdout bar' do expect(run_shell('/usr/bin/curl -sSf files.example.net:80/bar/bar.html').stdout).to eq("Hello Bar\n") end end describe 'SetHandler directive' do pp_two = <<-MANIFEST class { 'apache': } apache::mod { 'status': } host { 'files.example.net': ip => '127.0.0.1', } apache::vhost { 'files.example.net': docroot => '/var/www/files', directories => [ { path => '/var/www/files', }, { path => '/server-status', provider => 'location', sethandler => 'server-status', }, ], } file { '/var/www/files/index.html': ensure => file, content => "Hello World\\n", } MANIFEST it 'configures a vhost with a SetHandler directive' do apply_manifest(pp_two, catch_failures: true) end describe service(apache_hash['service_name']), skip: 'FM-8483' do it { is_expected.to be_enabled } it { is_expected.to be_running } end it 'answers to files.example.net #stdout' do expect(run_shell('/usr/bin/curl -sSf files.example.net:80/index.html').stdout).to eq("Hello World\n") end it 'answers to files.example.net #stdout regex' do expect(run_shell('/usr/bin/curl -sSf files.example.net:80/server-status?auto').stdout).to match(%r{Scoreboard: }) end end describe 'Satisfy and Auth directive', unless: apache_hash['version'] == '2.4' do pp_two = <<-MANIFEST class { 'apache': } host { 'files.example.net': ip => '127.0.0.1', } apache::vhost { 'files.example.net': docroot => '/var/www/files', directories => [ { path => '/var/www/files/foo', auth_type => 'Basic', auth_name => 'Basic Auth', auth_user_file => '/var/www/htpasswd', auth_require => "valid-user", }, { path => '/var/www/files/bar', auth_type => 'Basic', auth_name => 'Basic Auth', auth_user_file => '/var/www/htpasswd', auth_require => 'valid-user', satisfy => 'Any', }, { path => '/var/www/files/baz', allow => 'from 10.10.10.10', auth_type => 'Basic', auth_name => 'Basic Auth', auth_user_file => '/var/www/htpasswd', auth_require => 'valid-user', satisfy => 'Any', }, ], } file { '/var/www/files/foo': ensure => directory, } file { '/var/www/files/bar': ensure => directory, } file { '/var/www/files/baz': ensure => directory, } file { '/var/www/files/foo/index.html': ensure => file, content => "Hello World\\n", } file { '/var/www/files/bar/index.html': ensure => file, content => "Hello World\\n", } file { '/var/www/files/baz/index.html': ensure => file, content => "Hello World\\n", } file { '/var/www/htpasswd': ensure => file, content => "login:IZ7jMcLSx0oQk", # "password" as password } MANIFEST it 'configures a vhost with Satisfy and Auth directive' do apply_manifest(pp_two, catch_failures: true) end describe service(apache_hash['service_name']), skip: 'FM-8483' do it { is_expected.to be_enabled } it { is_expected.to be_running } it 'answers to files.example.net' do result = run_shell('/usr/bin/curl -sSf files.example.net:80/foo/index.html', expect_failures: true) expect(result.stderr).to match(%r{curl: \(22\) The requested URL returned error: 401}) expect(result.exit_code).to eq 22 expect(run_shell('/usr/bin/curl -sSf -u login:password files.example.net:80/foo/index.html').stdout).to eq("Hello World\n") expect(run_shell('/usr/bin/curl -sSf files.example.net:80/bar/index.html').stdout).to eq("Hello World\n") expect(run_shell('/usr/bin/curl -sSf -u login:password files.example.net:80/bar/index.html').stdout).to eq("Hello World\n") result = run_shell('/usr/bin/curl -sSf files.example.net:80/baz/index.html', expect_failures: true) expect(result.stderr).to match(%r{curl: \(22\) The requested URL returned error: 401}) expect(result.exit_code).to eq 22 expect(run_shell('/usr/bin/curl -sSf -u login:password files.example.net:80/baz/index.html').stdout).to eq("Hello World\n") end end end end context 'virtual_docroot hosting separate sites' do pp = <<-MANIFEST class { 'apache': } apache::vhost { 'virt.example.com': vhost_name => '*', serveraliases => '*virt.example.com', port => '80', docroot => '/var/www/virt', virtual_docroot => '/var/www/virt/%1', } host { 'virt.example.com': ip => '127.0.0.1', } host { 'a.virt.example.com': ip => '127.0.0.1', } host { 'b.virt.example.com': ip => '127.0.0.1', } file { [ '/var/www/virt/a', '/var/www/virt/b', ]: ensure => directory, } file { '/var/www/virt/a/index.html': ensure => file, content => "Hello from a.virt\\n", } file { '/var/www/virt/b/index.html': ensure => file, content => "Hello from b.virt\\n", } MANIFEST it 'configures a vhost with VirtualDocumentRoot' do apply_manifest(pp, catch_failures: true) end describe service(apache_hash['service_name']), skip: 'FM-8483' do it { is_expected.to be_enabled } it { is_expected.to be_running } end it 'answers to a.virt.example.com' do run_shell('/usr/bin/curl a.virt.example.com:80', acceptable_exit_codes: 0) do |r| expect(r.stdout).to eq("Hello from a.virt\n") end end it 'answers to b.virt.example.com' do run_shell('/usr/bin/curl b.virt.example.com:80', acceptable_exit_codes: 0) do |r| expect(r.stdout).to eq("Hello from b.virt\n") end end end context 'proxy_pass for alternative vhost' do it 'configures a local vhost and a proxy vhost' do apply_manifest(%( class { 'apache': default_vhost => false, } apache::vhost { 'localhost': docroot => '/var/www/local', ip => '127.0.0.1', port => '8888', } apache::listen { '*:80': } apache::vhost { 'proxy.example.com': docroot => '/var/www', port => '80', add_listen => false, proxy_pass => { 'path' => '/', 'url' => 'http://localhost:8888/subdir/', }, } host { 'proxy.example.com': ip => '127.0.0.1', } file { ['/var/www/local', '/var/www/local/subdir']: ensure => directory, } file { '/var/www/local/subdir/index.html': ensure => file, content => "Hello from localhost\\n", } ), catch_failures: true) end describe service(apache_hash['service_name']), skip: 'FM-8483' do it { is_expected.to be_enabled } it { is_expected.to be_running } end it 'gets a response from the back end #stdout' do run_shell('/usr/bin/curl --max-redirs 0 proxy.example.com:80') do |r| expect(r.stdout).to eq("Hello from localhost\n") end end it 'gets a response from the back end #exit_code' do run_shell('/usr/bin/curl --max-redirs 0 proxy.example.com:80') do |r| expect(r.exit_code).to eq(0) end end end context 'proxy_pass_match for alternative vhost' do it 'configures a local vhost and a proxy vhost' do apply_manifest(%( class { 'apache': default_vhost => false, } apache::vhost { 'localhost': docroot => '/var/www/local', ip => '127.0.0.1', port => '8888', } apache::listen { '*:80': } apache::vhost { 'proxy.example.com': docroot => '/var/www', port => '80', add_listen => false, proxy_pass_match => { 'path' => '/', 'url' => 'http://localhost:8888/subdir/', }, } host { 'proxy.example.com': ip => '127.0.0.1', } file { ['/var/www/local', '/var/www/local/subdir']: ensure => directory, } file { '/var/www/local/subdir/index.html': ensure => file, content => "Hello from localhost\\n", } ), catch_failures: true) end describe service(apache_hash['service_name']), skip: 'FM-8483' do it { is_expected.to be_enabled } it { is_expected.to be_running } end it 'gets a response from the back end #stdout' do run_shell('/usr/bin/curl --max-redirs 0 proxy.example.com:80') do |r| expect(r.stdout).to eq("Hello from localhost\n") end end it 'gets a response from the back end #exit_code' do run_shell('/usr/bin/curl --max-redirs 0 proxy.example.com:80') do |r| expect(r.exit_code).to eq(0) end end end describe 'ip_based' do pp = <<-MANIFEST class { 'apache': } host { 'test.server': ip => '127.0.0.1' } apache::vhost { 'test.server': docroot => '/tmp', ip_based => true, servername => 'test.server', } MANIFEST it 'applies cleanly' do apply_manifest(pp, catch_failures: true) end describe file(apache_hash['ports_file']) do it { is_expected.to be_file } it { is_expected.not_to contain 'NameVirtualHost test.server' } end describe file("#{apache_hash['vhost_dir']}/25-test.server.conf") do it { is_expected.to be_file } it { is_expected.to contain 'ServerName test.server' } end end describe 'ip_based and no servername' do pp = <<-MANIFEST class { 'apache': } host { 'test.server': ip => '127.0.0.1' } apache::vhost { 'test.server': docroot => '/tmp', ip_based => true, servername => '', } MANIFEST it 'applies cleanly' do apply_manifest(pp, catch_failures: true) end describe file(apache_hash['ports_file']) do it { is_expected.to be_file } it { is_expected.not_to contain 'NameVirtualHost test.server' } end describe file("#{apache_hash['vhost_dir']}/25-test.server.conf") do it { is_expected.to be_file } it { is_expected.not_to contain 'ServerName' } end end describe 'add_listen' do pp = <<-MANIFEST class { 'apache': default_vhost => false } host { 'testlisten.server': ip => '127.0.0.1' } apache::listen { '81': } apache::vhost { 'testlisten.server': docroot => '/tmp', port => '80', add_listen => false, servername => 'testlisten.server', } MANIFEST it 'applies cleanly' do apply_manifest(pp, catch_failures: true) end describe file(apache_hash['ports_file']) do it { is_expected.to be_file } it { is_expected.not_to contain 'Listen 80' } it { is_expected.to contain 'Listen 81' } end end describe 'docroot' do pp = <<-MANIFEST user { 'test_owner': ensure => present, } group { 'test_group': ensure => present, } class { 'apache': } host { 'test.server': ip => '127.0.0.1' } apache::vhost { 'test.server': docroot => '/tmp/test', docroot_owner => 'test_owner', docroot_group => 'test_group', docroot_mode => '0750', } MANIFEST it 'applies cleanly' do apply_manifest(pp, catch_failures: true) end describe file('/tmp/test') do it { is_expected.to be_directory } it { is_expected.to be_owned_by 'test_owner' } it { is_expected.to be_grouped_into 'test_group' } it { is_expected.to be_mode 750 } end end describe 'default_vhost' do pp = <<-MANIFEST class { 'apache': } host { 'test.server': ip => '127.0.0.1' } apache::vhost { 'test.server': docroot => '/tmp', default_vhost => true, } MANIFEST it 'applies cleanly' do apply_manifest(pp, catch_failures: true) end describe file(apache_hash['ports_file']) do it { is_expected.to be_file } end describe file("#{apache_hash['vhost_dir']}/10-test.server.conf") do it { is_expected.to be_file } end end describe 'parameter tests', if: mod_supported_on_platform?('apache::mod::itk') do pp = <<-MANIFEST class { 'apache': } host { 'test.itk': ip => '127.0.0.1' } apache::vhost { 'test.itk': docroot => '/tmp', itk => { user => 'nobody', group => 'nobody' } } host { 'test.custom_fragment': ip => '127.0.0.1' } apache::vhost { 'test.custom_fragment': docroot => '/tmp', custom_fragment => inline_template('#weird test string'), } apache::vhost { 'test.without_priority_prefix': priority => false, docroot => '/tmp' } apache::vhost { 'test.ssl_protocol': docroot => '/tmp', ssl => true, ssl_protocol => ['All', '-SSLv2'], ssl_user_name => 'SSL_CLIENT_S_DN_CN', } apache::vhost { 'test.block': docroot => '/tmp', block => 'scm', } apache::vhost { 'test.setenv_setenvif': docroot => '/tmp', setenv => ['TEST /test'], setenvif => ['Request_URI "\.gif$" object_is_image=gif'] } apache::vhost { 'test.rewrite': docroot => '/tmp', rewrites => [ { comment => 'test', rewrite_cond => '%{HTTP_USER_AGENT} ^Lynx/ [OR]', rewrite_rule => ['^index\.html$ welcome.html'], rewrite_map => ['lc int:tolower'], } ], } apache::vhost { 'test.request_headers': docroot => '/tmp', request_headers => ['append MirrorID "mirror 12"'], } apache::vhost { 'test.redirect': docroot => '/tmp', redirect_source => ['/images'], redirect_dest => ['http://test.server/'], redirect_status => ['permanent'], } apache::vhost { 'test.no_proxy_uris': docroot => '/tmp', proxy_dest => 'http://test2', no_proxy_uris => [ 'http://test2/test' ], } apache::vhost { 'test.proxy': docroot => '/tmp', proxy_dest => 'http://testproxy', } apache::vhost { 'test.scriptaliases': docroot => '/tmp', scriptaliases => [{ alias => '/myscript', path => '/usr/share/myscript', }], } apache::vhost { 'test.aliases': docroot => '/tmp', aliases => [ { alias => '/image' , path => '/ftp/pub/image' } , { scriptalias => '/myscript' , path => '/usr/share/myscript' } ], } apache::vhost { 'test.access_logs': docroot => '/tmp', logroot => '/tmp', access_logs => [ {'file' => 'log1'}, {'file' => 'log2', 'env' => 'admin' }, {'file' => '/var/tmp/log3', 'format' => '%h %l'}, {'syslog' => 'syslog' } ] } apache::vhost { 'test.access_log_env_var': docroot => '/tmp', logroot => '/tmp', access_log_syslog => 'syslog', access_log_env_var => 'admin', } apache::vhost { 'test.access_log_format': docroot => '/tmp', logroot => '/tmp', access_log_syslog => 'syslog', access_log_format => '%h %l', } apache::vhost { 'test.logroot': docroot => '/tmp', logroot => '/tmp', } apache::vhost { 'test.override': docroot => '/tmp', override => ['All'], } apache::vhost { 'test.options': docroot => '/tmp', options => ['Indexes','FollowSymLinks', 'ExecCGI'], } MANIFEST it 'applies cleanly' do apply_manifest(pp, catch_failures: true) end describe file("#{apache_hash['vhost_dir']}/25-test.itk.conf") do it { is_expected.to be_file } it { is_expected.to contain 'AssignUserId nobody nobody' } end describe file("#{apache_hash['vhost_dir']}/25-test.custom_fragment.conf") do it { is_expected.to be_file } it { is_expected.to contain '#weird test string' } end describe file("#{apache_hash['vhost_dir']}/test.without_priority_prefix.conf") do it { is_expected.to be_file } end describe file("#{apache_hash['vhost_dir']}/25-test.ssl_protocol.conf") do it { is_expected.to be_file } it { is_expected.to contain 'SSLProtocol *All -SSLv2' } it { is_expected.to contain 'SSLUserName *SSL_CLIENT_S_DN_CN' } end describe file("#{apache_hash['vhost_dir']}/25-test.block.conf") do it { is_expected.to be_file } it { is_expected.to contain '' } end describe file("#{apache_hash['vhost_dir']}/25-test.setenv_setenvif.conf") do it { is_expected.to be_file } it { is_expected.to contain 'SetEnv TEST /test' } it { is_expected.to contain 'SetEnvIf Request_URI "\.gif$" object_is_image=gif' } end describe file("#{apache_hash['vhost_dir']}/25-test.rewrite.conf") do it { is_expected.to be_file } it { is_expected.to contain '#test' } it { is_expected.to contain 'RewriteCond %{HTTP_USER_AGENT} ^Lynx/ [OR]' } it { is_expected.to contain 'RewriteRule ^index.html$ welcome.html' } it { is_expected.to contain 'RewriteMap lc int:tolower' } end describe file("#{apache_hash['vhost_dir']}/25-test.request_headers.conf") do it { is_expected.to be_file } it { is_expected.to contain 'append MirrorID "mirror 12"' } end describe file("#{apache_hash['vhost_dir']}/25-test.redirect.conf") do it { is_expected.to be_file } it { is_expected.to contain 'Redirect permanent /images http://test.server/' } end describe file("#{apache_hash['vhost_dir']}/25-test.no_proxy_uris.conf") do it { is_expected.to be_file } it { is_expected.to contain 'ProxyPass http://test2/test !' } it { is_expected.to contain 'ProxyPass / http://test2/' } end describe file("#{apache_hash['vhost_dir']}/25-test.proxy.conf") do it { is_expected.to be_file } it { is_expected.to contain 'ProxyPass / http://testproxy/' } end describe file("#{apache_hash['vhost_dir']}/25-test.scriptaliases.conf") do it { is_expected.to be_file } it { is_expected.to contain 'ScriptAlias /myscript "/usr/share/myscript"' } end describe file("#{apache_hash['vhost_dir']}/25-test.aliases.conf") do it { is_expected.to be_file } it { is_expected.to contain 'Alias /image "/ftp/pub/image"' } it { is_expected.to contain 'ScriptAlias /myscript "/usr/share/myscript"' } end describe file("#{apache_hash['vhost_dir']}/25-test.access_logs.conf") do it { is_expected.to be_file } it { is_expected.to contain 'CustomLog "/tmp/log1" combined' } it { is_expected.to contain 'CustomLog "/tmp/log2" combined env=admin' } it { is_expected.to contain 'CustomLog "/var/tmp/log3" "%h %l"' } it { is_expected.to contain 'CustomLog "syslog" combined' } end describe file("#{apache_hash['vhost_dir']}/25-test.access_log_env_var.conf") do it { is_expected.to be_file } it { is_expected.to contain 'CustomLog "syslog" combined env=admin' } end describe file("#{apache_hash['vhost_dir']}/25-test.access_log_format.conf") do it { is_expected.to be_file } it { is_expected.to contain 'CustomLog "syslog" "%h %l"' } end describe file("#{apache_hash['vhost_dir']}/25-test.logroot.conf") do it { is_expected.to be_file } it { is_expected.to contain ' CustomLog "/tmp' } end describe file("#{apache_hash['vhost_dir']}/25-test.override.conf") do it { is_expected.to be_file } it { is_expected.to contain 'AllowOverride All' } end describe file("#{apache_hash['vhost_dir']}/25-test.options.conf") do it { is_expected.to be_file } it { is_expected.to contain 'Options Indexes FollowSymLinks ExecCGI' } end end context 'when a manifest defines $servername' do describe 'when the $use_servername_for_filenames parameter is set to true' do pp = <<-MANIFEST class { 'apache': } host { 'test.server': ip => '127.0.0.1' } apache::vhost { 'test.server': use_servername_for_filenames => true, servername => 'test.servername', docroot => '/tmp', logroot => '/tmp', } MANIFEST it 'applies cleanly and DOES NOT print warning about $use_servername_for_filenames usage for test.server vhost' do result = apply_manifest(pp, catch_failures: true) expect(result.stderr).not_to contain %r{ .*Warning\:\sScope\(Apache::Vhost\[test\.server\]\)\:.* It\sis\spossible\sfor\sthe\s\$name\sparameter.* sanitized\s\$servername\sparameter\swhen\snot\sexplicitly\sdefined\. }xm end describe file("#{apache_hash['vhost_dir']}/25-test.servername.conf") do it { is_expected.to be_file } it { is_expected.to contain ' ErrorLog "/tmp/test.servername_error.log' } it { is_expected.to contain ' CustomLog "/tmp/test.servername_access.log' } end end describe 'when the $use_servername_for_filenames parameter is NOT defined' do pp = <<-MANIFEST class { 'apache': } host { 'test.server': ip => '127.0.0.1' } apache::vhost { 'test.server': servername => 'test.servername', docroot => '/tmp', logroot => '/tmp', } MANIFEST it 'applies cleanly and prints warning about $use_servername_for_filenames usage for test.server vhost' do result = apply_manifest(pp, catch_failures: true) expect(result.stderr).to contain %r{ .*Warning\:\sScope\(Apache::Vhost\[test\.server\]\)\:.* It\sis\spossible\sfor\sthe\s\$name\sparameter.* sanitized\s\$servername\sparameter\swhen\snot\sexplicitly\sdefined\. }xm end describe file("#{apache_hash['vhost_dir']}/25-test.server.conf") do it { is_expected.to be_file } it { is_expected.to contain ' ErrorLog "/tmp/test.server_error.log' } it { is_expected.to contain ' CustomLog "/tmp/test.server_access.log' } end end end ['access', 'error'].each do |logtype| case logtype when 'access' logname = 'CustomLog' when 'error' logname = 'ErrorLog' end describe "#{logtype}_log" do pp = <<-MANIFEST class { 'apache': } host { 'test.server': ip => '127.0.0.1' } apache::vhost { 'test.server': docroot => '/tmp', logroot => '/tmp', #{logtype}_log => false, } MANIFEST it 'applies cleanly' do apply_manifest(pp, catch_failures: true) end describe file("#{apache_hash['vhost_dir']}/25-test.server.conf") do it { is_expected.to be_file } it { is_expected.not_to contain " #{logname} \"/tmp" } end end describe "#{logtype}_log_pipe" do pp = <<-MANIFEST class { 'apache': } host { 'test.server': ip => '127.0.0.1' } apache::vhost { 'test.server': docroot => '/tmp', logroot => '/tmp', #{logtype}_log_pipe => '|/bin/sh', } MANIFEST it 'applies cleanly' do apply_manifest(pp, catch_failures: true) end describe file("#{apache_hash['vhost_dir']}/25-test.server.conf") do it { is_expected.to be_file } it { is_expected.to contain " #{logname} \"|/bin/sh" } end end describe "#{logtype}_log_syslog" do pp = <<-MANIFEST class { 'apache': } host { 'test.server': ip => '127.0.0.1' } apache::vhost { 'test.server': docroot => '/tmp', logroot => '/tmp', #{logtype}_log_syslog => 'syslog', } MANIFEST it 'applies cleanly' do apply_manifest(pp, catch_failures: true) end describe file("#{apache_hash['vhost_dir']}/25-test.server.conf") do it { is_expected.to be_file } it { is_expected.to contain " #{logname} \"syslog\"" } end end end describe 'actions' do pp = <<-MANIFEST class { 'apache': } host { 'test.server': ip => '127.0.0.1' } apache::vhost { 'test.server': docroot => '/tmp', action => 'php-fastcgi', } MANIFEST it 'applies cleanly' do - pp += "\nclass { 'apache::mod::actions': }" if os[:family] =~ %r{debian|suse|ubuntu|sles} + pp += "\nclass { 'apache::mod::actions': }" if %r{debian|suse|ubuntu|sles}.match?(os[:family]) apply_manifest(pp, catch_failures: true) end describe file("#{apache_hash['vhost_dir']}/25-test.server.conf") do it { is_expected.to be_file } it { is_expected.to contain 'Action php-fastcgi /cgi-bin virtual' } end end describe 'suphp' do pp = <<-MANIFEST class { 'apache': service_ensure => stopped, } host { 'test.server': ip => '127.0.0.1' } apache::vhost { 'test.server': docroot => '/tmp', suphp_addhandler => '#{apache_hash['suphp_handler']}', suphp_engine => 'on', suphp_configpath => '#{apache_hash['suphp_configpath']}', } MANIFEST it 'applies cleanly' do apply_manifest(pp, catch_failures: true) end describe file("#{apache_hash['vhost_dir']}/25-test.server.conf") do it { is_expected.to be_file } it { is_expected.to contain "suPHP_AddHandler #{apache_hash['suphp_handler']}" } it { is_expected.to contain 'suPHP_Engine on' } it { is_expected.to contain "suPHP_ConfigPath \"#{apache_hash['suphp_configpath']}\"" } end end describe 'directory rewrite rules' do pp = <<-MANIFEST class { 'apache': } host { 'test.server': ip => '127.0.0.1' } if ! defined(Class['apache::mod::rewrite']) { include ::apache::mod::rewrite } apache::vhost { 'test.server': docroot => '/tmp', directories => [ { path => '/tmp', rewrites => [ { comment => 'Permalink Rewrites', rewrite_base => '/', }, { rewrite_rule => [ '^index\\.php$ - [L]' ] }, { rewrite_cond => [ '%{REQUEST_FILENAME} !-f', '%{REQUEST_FILENAME} !-d', ], rewrite_rule => [ '. /index.php [L]' ], } ], }, ], } MANIFEST it 'applies cleanly' do apply_manifest(pp, catch_failures: true) end describe file("#{apache_hash['vhost_dir']}/25-test.server.conf") do it { is_expected.to be_file } it { is_expected.to contain '#Permalink Rewrites' } it { is_expected.to contain 'RewriteEngine On' } it { is_expected.to contain 'RewriteBase /' } it { is_expected.to contain 'RewriteRule ^index\.php$ - [L]' } it { is_expected.to contain 'RewriteCond %{REQUEST_FILENAME} !-f' } it { is_expected.to contain 'RewriteCond %{REQUEST_FILENAME} !-d' } it { is_expected.to contain 'RewriteRule . /index.php [L]' } end end describe 'wsgi' do context 'filter on OS', if: mod_supported_on_platform?('apache::mod::wsgi') do pp = <<-MANIFEST class { 'apache': } class { 'apache::mod::wsgi': } host { 'test.server': ip => '127.0.0.1' } apache::vhost { 'test.server': docroot => '/tmp', wsgi_application_group => '%{GLOBAL}', wsgi_daemon_process => { 'wsgi' => { 'python-home' => '/usr' }, 'foo' => {} }, wsgi_daemon_process_options => {processes => '2'}, wsgi_import_script => '/test1', wsgi_import_script_options => { application-group => '%{GLOBAL}', process-group => 'wsgi' }, wsgi_process_group => 'nobody', wsgi_script_aliases => { '/test' => '/test1' }, wsgi_script_aliases_match => { '/test/([^/*])' => '/test1' }, wsgi_pass_authorization => 'On', wsgi_chunked_request => 'On', } MANIFEST it 'import_script applies cleanly' do apply_manifest(pp, catch_failures: true) end describe file("#{apache_hash['vhost_dir']}/25-test.server.conf") do it { is_expected.to be_file } it { is_expected.to contain 'WSGIApplicationGroup %{GLOBAL}' } it { is_expected.to contain 'WSGIDaemonProcess foo' } it { is_expected.to contain 'WSGIDaemonProcess wsgi python-home=/usr' } it { is_expected.to contain 'WSGIImportScript /test1 application-group=%{GLOBAL} process-group=wsgi' } it { is_expected.to contain 'WSGIProcessGroup nobody' } it { is_expected.to contain 'WSGIScriptAlias /test "/test1"' } it { is_expected.to contain 'WSGIPassAuthorization On' } it { is_expected.to contain 'WSGIChunkedRequest On' } end end end describe 'additional_includes' do pp = <<-MANIFEST if $::osfamily == 'RedHat' and "$::selinux" == "true" { $semanage_package = $::operatingsystemmajrelease ? { '5' => 'policycoreutils', '8' => 'policycoreutils-python-utils', default => 'policycoreutils-python', } package { $semanage_package: ensure => installed } exec { 'set_apache_defaults': command => 'semanage fcontext -a -t httpd_sys_content_t "/apache_spec(/.*)?"', path => '/bin:/usr/bin/:/sbin:/usr/sbin', require => Package[$semanage_package], } exec { 'restorecon_apache': command => 'restorecon -Rv /apache_spec', path => '/bin:/usr/bin/:/sbin:/usr/sbin', before => Service['httpd'], require => Class['apache'], } } class { 'apache': } host { 'test.server': ip => '127.0.0.1' } file { '/apache_spec': ensure => directory, } file { '/apache_spec/include': ensure => present, content => '#additional_includes' } apache::vhost { 'test.server': docroot => '/apache_spec', additional_includes => '/apache_spec/include', } MANIFEST it 'applies cleanly' do apply_manifest(pp, catch_failures: false) end describe file("#{apache_hash['vhost_dir']}/25-test.server.conf") do it { is_expected.to be_file } it { is_expected.to contain 'Include "/apache_spec/include"' } end end describe 'shibboleth parameters', if: (os[:family] == 'debian' && os[:release] != '7') do # Debian 7 is too old for ShibCompatValidUser pp = <<-MANIFEST class { 'apache': } class { 'apache::mod::shib': } apache::vhost { 'test.server': port => '80', docroot => '/var/www/html', shib_compat_valid_user => 'On' } MANIFEST it 'applies cleanly' do apply_manifest(pp, catch_failures: true) end describe file("#{apache_hash['vhost_dir']}/25-test.server.conf") do it { is_expected.to be_file } it { is_expected.to contain 'ShibCompatValidUser On' } end end # IAC-587: These tests do not currently run successfully on certain RHEL OSs due to dependency issues with the # mod_auth_openidc module. describe 'auth_oidc', if: mod_supported_on_platform?('apache::mod::authnz_ldap') do pp = <<-MANIFEST class { 'apache': } apache::vhost { 'test.server': port => '80', docroot => '/var/www/html', auth_oidc => true, oidc_settings => { 'ProviderMetadataURL' => 'https://login.example.com/.well-known/openid-configuration', 'ClientID' => 'test', 'RedirectURI' => 'https://login.example.com/redirect_uri', 'ProviderTokenEndpointAuth' => 'client_secret_basic', 'RemoteUserClaim' => 'sub', 'ClientSecret' => 'aae053a9-4abf-4824-8956-e94b2af335c8', 'CryptoPassphrase' => '4ad1bb46-9979-450e-ae58-c696967df3cd' } } MANIFEST it 'applys cleanly' do apply_manifest(pp, catch_failures: true) end describe file("#{apache_hash['vhost_dir']}/25-test.server.conf") do it { is_expected.to be_file } it { is_expected.to contain 'OIDCProviderMetadataURL https://login.example.com/.well-known/openid-configuration' } it { is_expected.to contain 'OIDCClientID test' } it { is_expected.to contain 'OIDCRedirectURI https://login.example.com/redirect_uri' } it { is_expected.to contain 'OIDCProviderTokenEndpointAuth client_secret_basic' } it { is_expected.to contain 'OIDCRemoteUserClaim sub' } it { is_expected.to contain 'OIDCClientSecret aae053a9-4abf-4824-8956-e94b2af335c8' } it { is_expected.to contain 'OIDCCryptoPassphrase 4ad1bb46-9979-450e-ae58-c696967df3cd' } end end end diff --git a/spec/acceptance/vhosts_spec.rb b/spec/acceptance/vhosts_spec.rb index 30517003..90dc8c99 100644 --- a/spec/acceptance/vhosts_spec.rb +++ b/spec/acceptance/vhosts_spec.rb @@ -1,31 +1,33 @@ +# frozen_string_literal: true + require 'spec_helper_acceptance' apache_hash = apache_settings_hash describe 'apache::vhosts class' do context 'custom vhosts defined via class apache::vhosts' do pp = <<-MANIFEST class { 'apache::vhosts': vhosts => { 'custom_vhost_1' => { 'docroot' => '/var/www/custom_vhost_1', 'port' => '81', }, 'custom_vhost_2' => { 'docroot' => '/var/www/custom_vhost_2', 'port' => '82', }, }, } MANIFEST it 'creates custom vhost config files' do apply_manifest(pp, catch_failures: true) end describe file("#{apache_hash['vhost_dir']}/25-custom_vhost_1.conf") do it { is_expected.to contain '' } end describe file("#{apache_hash['vhost_dir']}/25-custom_vhost_2.conf") do it { is_expected.to contain '' } end end end diff --git a/spec/classes/apache_spec.rb b/spec/classes/apache_spec.rb index a9a69526..11865838 100644 --- a/spec/classes/apache_spec.rb +++ b/spec/classes/apache_spec.rb @@ -1,926 +1,928 @@ +# frozen_string_literal: true + require 'spec_helper' describe 'apache', type: :class do context 'on a Debian OS' do let :facts do { id: 'root', kernel: 'Linux', lsbdistcodename: 'squeeze', osfamily: 'Debian', operatingsystem: 'Debian', operatingsystemrelease: '6', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', is_pe: false, } end it { is_expected.to contain_class('apache::params') } it { is_expected.to contain_package('httpd').with( 'notify' => 'Class[Apache::Service]', 'ensure' => 'installed', ) } it { is_expected.to contain_user('www-data') } it { is_expected.to contain_group('www-data') } it { is_expected.to contain_class('apache::service') } it { is_expected.to contain_file('/var/www').with( 'ensure' => 'directory', ) } it { is_expected.to contain_file('/etc/apache2/sites-enabled').with( 'ensure' => 'directory', 'recurse' => 'true', 'purge' => 'true', 'notify' => 'Class[Apache::Service]', 'require' => 'Package[httpd]' ) } it { is_expected.to contain_file('/etc/apache2/mods-enabled').with( 'ensure' => 'directory', 'recurse' => 'true', 'purge' => 'true', 'notify' => 'Class[Apache::Service]', 'require' => 'Package[httpd]' ) } it { is_expected.to contain_file('/etc/apache2/mods-available').with( 'ensure' => 'directory', 'recurse' => 'true', 'purge' => 'false', 'notify' => 'Class[Apache::Service]', 'require' => 'Package[httpd]' ) } it { is_expected.to contain_concat('/etc/apache2/ports.conf').with( 'owner' => 'root', 'group' => 'root', 'mode' => '0644', 'notify' => 'Class[Apache::Service]' ) } # Assert that load files are placed and symlinked for these mods, but no conf file. ['auth_basic', 'authn_file', 'authz_default', 'authz_groupfile', 'authz_host', 'authz_user', 'dav', 'env'].each do |modname| it { is_expected.to contain_file("#{modname}.load").with( 'path' => "/etc/apache2/mods-available/#{modname}.load", 'ensure' => 'file', ) } it { is_expected.to contain_file("#{modname}.load symlink").with( 'path' => "/etc/apache2/mods-enabled/#{modname}.load", 'ensure' => 'link', 'target' => "/etc/apache2/mods-available/#{modname}.load", ) } it { is_expected.not_to contain_file("#{modname}.conf") } it { is_expected.not_to contain_file("#{modname}.conf symlink") } end context 'with Apache version < 2.4' do let :params do { apache_version: '2.2' } end it { is_expected.to contain_file('/etc/apache2/apache2.conf').with_content %r{^Include "/etc/apache2/conf\.d/\*\.conf"$} } end context 'with Apache version >= 2.4' do let :params do { apache_version: '2.4', use_optional_includes: true, } end it { is_expected.to contain_file('/etc/apache2/apache2.conf').with_content %r{^IncludeOptional "/etc/apache2/conf\.d/\*\.conf"$} } end context 'when specifying slash encoding behaviour' do let :params do { allow_encoded_slashes: 'nodecode' } end it { is_expected.to contain_file('/etc/apache2/apache2.conf').with_content %r{^AllowEncodedSlashes nodecode$} } end context 'when specifying fileETag behaviour' do let :params do { file_e_tag: 'None' } end it { is_expected.to contain_file('/etc/apache2/apache2.conf').with_content %r{^FileETag None$} } end context 'when specifying canonical name behaviour' do let :params do { use_canonical_name: 'dns' } end it { is_expected.to contain_file('/etc/apache2/apache2.conf').with_content %r{^UseCanonicalName dns$} } end context 'when specifying default character set' do let :params do { default_charset: 'none' } end it { is_expected.to contain_file('/etc/apache2/apache2.conf').with_content %r{^AddDefaultCharset none$} } end # Assert that both load files and conf files are placed and symlinked for these mods ['alias', 'autoindex', 'dav_fs', 'deflate', 'dir', 'mime', 'negotiation', 'setenvif'].each do |modname| it { is_expected.to contain_file("#{modname}.load").with( 'path' => "/etc/apache2/mods-available/#{modname}.load", 'ensure' => 'file', ) } it { is_expected.to contain_file("#{modname}.load symlink").with( 'path' => "/etc/apache2/mods-enabled/#{modname}.load", 'ensure' => 'link', 'target' => "/etc/apache2/mods-available/#{modname}.load", ) } it { is_expected.to contain_file("#{modname}.conf").with( 'path' => "/etc/apache2/mods-available/#{modname}.conf", 'ensure' => 'file', ) } it { is_expected.to contain_file("#{modname}.conf symlink").with( 'path' => "/etc/apache2/mods-enabled/#{modname}.conf", 'ensure' => 'link', 'target' => "/etc/apache2/mods-available/#{modname}.conf", ) } end describe "Check default type with Apache version < 2.2 when default_type => 'none'" do let :params do { apache_version: '2.2', default_type: 'none', } end it { is_expected.to contain_file('/etc/apache2/apache2.conf').with_content %r{^DefaultType none$} } end describe "Check default type with Apache version < 2.2 when default_type => 'text/plain'" do let :params do { apache_version: '2.2', default_type: 'text/plain', } end it { is_expected.to contain_file('/etc/apache2/apache2.conf').with_content %r{^DefaultType text/plain$} } end describe 'Check default type with Apache version >= 2.4' do let :params do { apache_version: '2.4' } end it { is_expected.to contain_file('/etc/apache2/apache2.conf').without_content %r{^DefaultType [.]*$} } end describe "Don't create user resource when parameter manage_user is false" do let :params do { manage_user: false } end it { is_expected.not_to contain_user('www-data') } it { is_expected.to contain_file('/etc/apache2/apache2.conf').with_content %r{^User www-data\n} } end describe "Don't create group resource when parameter manage_group is false" do let :params do { manage_group: false } end it { is_expected.not_to contain_group('www-data') } it { is_expected.to contain_file('/etc/apache2/apache2.conf').with_content %r{^Group www-data\n} } end describe 'Add extra LogFormats When parameter log_formats is a hash' do let :params do { log_formats: { 'vhost_common' => '%v %h %l %u %t "%r" %>s %b', 'vhost_combined' => '%v %h %l %u %t "%r" %>s %b "%{Referer}i" "%{User-agent}i"', } } end it { is_expected.to contain_file('/etc/apache2/apache2.conf').with_content %r{^LogFormat "%v %h %l %u %t \"%r\" %>s %b" vhost_common\n} } it { is_expected.to contain_file('/etc/apache2/apache2.conf').with_content %r{^LogFormat "%v %h %l %u %t \"%r\" %>s %b \"%\{Referer\}i\" \"%\{User-agent\}i\"" vhost_combined\n} } end describe 'Override existing LogFormats When parameter log_formats is a hash' do let :params do { log_formats: { 'common' => '%v %h %l %u %t "%r" %>s %b', 'combined' => '%v %h %l %u %t "%r" %>s %b "%{Referer}i" "%{User-agent}i"', } } end expected = [ %r{^LogFormat "%v %h %l %u %t \"%r\" %>s %b" common\n}, %r{^LogFormat "%v %h %l %u %t \"%r\" %>s %b" common\n}, %r{^LogFormat "%v %h %l %u %t \"%r\" %>s %b \"%\{Referer\}i\" \"%\{User-agent\}i\"" combined\n}, ] unexpected = [ %r{^LogFormat "%h %l %u %t \"%r\" %>s %b \"%\{Referer\}i\" \"%\{User-agent\}i\"" combined\n}, %r{^LogFormat "%h %l %u %t \"%r\" %>s %b \"%\{Referer\}i\" \"%\{User-agent\}i\"" combined\n}, ] it 'Expected to contain' do expected.each do |reg| is_expected.to contain_file('/etc/apache2/apache2.conf').with_content reg end end it 'Not expected to contain' do unexpected.each do |reg| is_expected.to contain_file('/etc/apache2/apache2.conf').without_content reg end end end context '8' do let :facts do super().merge(lsbdistcodename: 'jessie', operatingsystemrelease: '8.0.0') end it { is_expected.to contain_file('/var/www/html').with( 'ensure' => 'directory', ) } describe 'Alternate mpm_modules when declaring mpm_module => prefork' do let :params do { mpm_module: 'worker' } end it { is_expected.to contain_exec('/usr/sbin/a2dismod event') } it { is_expected.to contain_exec('/usr/sbin/a2dismod prefork') } end end context 'on Ubuntu 14.04' do let :facts do super().merge(operatingsystem: 'Ubuntu', lsbdistrelease: '14.04', operatingsystemrelease: '14.04') end it { is_expected.to contain_file('/var/www/html').with( 'ensure' => 'directory', ) } end end context 'on a RedHat 5 OS' do let :facts do { id: 'root', kernel: 'Linux', osfamily: 'RedHat', operatingsystem: 'RedHat', operatingsystemrelease: '5', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', is_pe: false, } end it { is_expected.to contain_class('apache::params') } it { is_expected.to contain_package('httpd').with( 'notify' => 'Class[Apache::Service]', 'ensure' => 'installed', ) } it { is_expected.to contain_user('apache') } it { is_expected.to contain_group('apache') } it { is_expected.to contain_class('apache::service') } it { is_expected.to contain_file('/var/www/html').with( 'ensure' => 'directory', ) } it { is_expected.to contain_file('/etc/httpd/conf.d').with( 'ensure' => 'directory', 'recurse' => 'true', 'purge' => 'true', 'notify' => 'Class[Apache::Service]', 'require' => 'Package[httpd]' ) } it { is_expected.to contain_concat('/etc/httpd/conf/ports.conf').with( 'owner' => 'root', 'group' => 'root', 'mode' => '0644', 'notify' => 'Class[Apache::Service]' ) } describe 'Alternate confd/mod/vhosts directory' do let :params do { vhost_dir: '/etc/httpd/site.d', confd_dir: '/etc/httpd/conf.d', mod_dir: '/etc/httpd/mod.d', } end ['mod.d', 'site.d', 'conf.d'].each do |dir| it { is_expected.to contain_file("/etc/httpd/#{dir}").with( 'ensure' => 'directory', 'recurse' => 'true', 'purge' => 'true', 'notify' => 'Class[Apache::Service]', 'require' => 'Package[httpd]' ) } end # Assert that load files are placed for these mods, but no conf file. ['auth_basic', 'authn_file', 'authz_default', 'authz_groupfile', 'authz_host', 'authz_user', 'dav', 'env'].each do |modname| it { is_expected.to contain_file("#{modname}.load").with_path( "/etc/httpd/mod.d/#{modname}.load", ) } it { is_expected.not_to contain_file("#{modname}.conf").with_path( "/etc/httpd/mod.d/#{modname}.conf", ) } end # Assert that both load files and conf files are placed for these mods ['alias', 'autoindex', 'dav_fs', 'deflate', 'dir', 'mime', 'negotiation', 'setenvif'].each do |modname| it { is_expected.to contain_file("#{modname}.load").with_path( "/etc/httpd/mod.d/#{modname}.load", ) } it { is_expected.to contain_file("#{modname}.conf").with_path( "/etc/httpd/mod.d/#{modname}.conf", ) } end it { is_expected.to contain_file('/etc/httpd/conf/httpd.conf').with_content %r{^Include "/etc/httpd/site\.d/\*"$} } it { is_expected.to contain_file('/etc/httpd/conf/httpd.conf').with_content %r{^Include "/etc/httpd/mod\.d/\*\.conf"$} } it { is_expected.to contain_file('/etc/httpd/conf/httpd.conf').with_content %r{^Include "/etc/httpd/mod\.d/\*\.load"$} } end describe 'Alternate confd/mod/vhosts directory with Apache version < 2.4' do let :params do { vhost_dir: '/etc/httpd/site.d', confd_dir: '/etc/httpd/conf.d', mod_dir: '/etc/httpd/mod.d', apache_version: '2.2', } end it { is_expected.to contain_file('/etc/httpd/conf/httpd.conf').with_content %r{^Include "/etc/httpd/conf\.d/\*\.conf"$} } end describe 'Alternate confd/mod/vhosts directory with Apache version >= 2.4' do let :params do { vhost_dir: '/etc/httpd/site.d', confd_dir: '/etc/httpd/conf.d', mod_dir: '/etc/httpd/mod.d', apache_version: '2.4', use_optional_includes: true, } end it { is_expected.to contain_file('/etc/httpd/conf/httpd.conf').with_content %r{^IncludeOptional "/etc/httpd/conf\.d/\*\.conf"$} } end describe 'Alternate confd/mod/vhosts directory with Apache version < 2.4' do let :params do { vhost_dir: '/etc/httpd/site.d', confd_dir: '/etc/httpd/conf.d', mod_dir: '/etc/httpd/mod.d', apache_version: '2.2', rewrite_lock: '/var/lock/subsys/rewrite-lock', } end it { is_expected.to contain_file('/etc/httpd/conf/httpd.conf').with_content %r{^RewriteLock /var/lock/subsys/rewrite-lock$} } end describe 'Alternate confd/mod/vhosts directory with Apache version < 2.4' do let :params do { vhost_dir: '/etc/httpd/site.d', confd_dir: '/etc/httpd/conf.d', mod_dir: '/etc/httpd/mod.d', apache_version: '2.2', } end it { is_expected.to contain_file('/etc/httpd/conf/httpd.conf').without_content %r{^RewriteLock [.]*$} } end describe 'Alternate confd/mod/vhosts directory with Apache version >= 2.4' do let :params do { vhost_dir: '/etc/httpd/site.d', confd_dir: '/etc/httpd/conf.d', mod_dir: '/etc/httpd/mod.d', apache_version: '2.4', rewrite_lock: '/var/lock/subsys/rewrite-lock', } end it { is_expected.to contain_file('/etc/httpd/conf/httpd.conf').without_content %r{^RewriteLock [.]*$} } end describe 'Alternate confd/mod/vhosts directory when specifying slash encoding behaviour' do let :params do { vhost_dir: '/etc/httpd/site.d', confd_dir: '/etc/httpd/conf.d', mod_dir: '/etc/httpd/mod.d', allow_encoded_slashes: 'nodecode', } end it { is_expected.to contain_file('/etc/httpd/conf/httpd.conf').with_content %r{^AllowEncodedSlashes nodecode$} } end describe 'Alternate confd/mod/vhosts directory when specifying default character set' do let :params do { vhost_dir: '/etc/httpd/site.d', confd_dir: '/etc/httpd/conf.d', mod_dir: '/etc/httpd/mod.d', default_charset: 'none', } end it { is_expected.to contain_file('/etc/httpd/conf/httpd.conf').with_content %r{^AddDefaultCharset none$} } end describe "Alternate confd/mod/vhosts directory with Apache version < 2.4 when default_type => 'none'" do let :params do { vhost_dir: '/etc/httpd/site.d', confd_dir: '/etc/httpd/conf.d', mod_dir: '/etc/httpd/mod.d', apache_version: '2.2', default_type: 'none', } end it { is_expected.to contain_file('/etc/httpd/conf/httpd.conf').with_content %r{^DefaultType none$} } end describe "Alternate confd/mod/vhosts directory with Apache version < 2.4 when default_type => 'text/plain'" do let :params do { vhost_dir: '/etc/httpd/site.d', confd_dir: '/etc/httpd/conf.d', mod_dir: '/etc/httpd/mod.d', apache_version: '2.2', default_type: 'text/plain', } end it { is_expected.to contain_file('/etc/httpd/conf/httpd.conf').with_content %r{^DefaultType text/plain$} } end describe 'Alternate confd/mod/vhosts directory with Apache version >= 2.4' do let :params do { vhost_dir: '/etc/httpd/site.d', confd_dir: '/etc/httpd/conf.d', mod_dir: '/etc/httpd/mod.d', apache_version: '2.4', } end it { is_expected.to contain_file('/etc/httpd/conf/httpd.conf').without_content %r{^DefaultType [.]*$} } end describe 'Alternate conf directory' do let :params do { conf_dir: '/opt/rh/root/etc/httpd/conf' } end it { is_expected.to contain_file('/opt/rh/root/etc/httpd/conf/httpd.conf').with( 'ensure' => 'file', 'notify' => 'Class[Apache::Service]', 'require' => ['Package[httpd]', 'Concat[/etc/httpd/conf/ports.conf]'], ) } end describe 'Alternate conf.d directory' do let :params do { confd_dir: '/etc/httpd/special_conf.d' } end it { is_expected.to contain_file('/etc/httpd/special_conf.d').with( 'ensure' => 'directory', 'recurse' => 'true', 'purge' => 'true', 'notify' => 'Class[Apache::Service]', 'require' => 'Package[httpd]' ) } end describe 'Alternate mpm_modules when declaring mpm_module is false' do let :params do { mpm_module: false } end unexpected = ['apache::mod::event', 'apache::mod::itk', 'apache::mod::peruser', 'apache::mod::prefork', 'apache::mod::worker'] it 'does not declare mpm modules' do unexpected.each do |not_expect| is_expected.not_to contain_class(not_expect) end end end describe 'Alternate mpm_modules when declaring mpm_module => prefork' do let :params do { mpm_module: 'prefork' } end it { is_expected.to contain_class('apache::mod::prefork') } it { is_expected.not_to contain_class('apache::mod::event') } it { is_expected.not_to contain_class('apache::mod::itk') } it { is_expected.not_to contain_class('apache::mod::peruser') } it { is_expected.not_to contain_class('apache::mod::worker') } end describe 'Alternate mpm_modules when declaring mpm_module => worker' do let :params do { mpm_module: 'worker' } end it { is_expected.to contain_class('apache::mod::worker') } it { is_expected.not_to contain_class('apache::mod::event') } it { is_expected.not_to contain_class('apache::mod::itk') } it { is_expected.not_to contain_class('apache::mod::peruser') } it { is_expected.not_to contain_class('apache::mod::prefork') } end describe 'different templates for httpd.conf with default' do let :params do { conf_template: 'apache/httpd.conf.erb' } end it { is_expected.to contain_file('/etc/httpd/conf/httpd.conf').with_content %r{^# Security\n} } end describe 'different templates for httpd.conf with non-default' do let :params do { conf_template: 'site_apache/fake.conf.erb' } end it { is_expected.to contain_file('/etc/httpd/conf/httpd.conf').with_content %r{^Fake template for rspec.$} } end describe 'default mods without' do let :params do { default_mods: false } end it { is_expected.to contain_apache__mod('authz_host') } it { is_expected.not_to contain_apache__mod('env') } end describe 'default mods custom' do let :params do { default_mods: ['info', 'alias', 'mime', 'env', 'setenv', 'expires'] } end it { is_expected.to contain_apache__mod('authz_host') } it { is_expected.to contain_apache__mod('env') } it { is_expected.to contain_class('apache::mod::info') } it { is_expected.to contain_class('apache::mod::mime') } end describe "Don't create user resource when parameter manage_user is false" do let :params do { manage_user: false } end it { is_expected.not_to contain_user('apache') } it { is_expected.to contain_file('/etc/httpd/conf/httpd.conf').with_content %r{^User apache\n} } end describe "Don't create group resource when parameter manage_group is false" do let :params do { manage_group: false } end it { is_expected.not_to contain_group('apache') } it { is_expected.to contain_file('/etc/httpd/conf/httpd.conf').with_content %r{^Group apache\n} } end describe 'sendfile with invalid value' do let :params do { sendfile: 'foo' } end it 'fails' do expect { catalogue - }.to raise_error(Puppet::PreformattedError, %r{Evaluation Error: Error while evaluating a Resource Statement, Class\[Apache\]: parameter 'sendfile' expects a match for Enum\['Off', 'On', 'off', 'on'\]}) # rubocop:disable Metrics/LineLength + }.to raise_error(Puppet::PreformattedError, %r{Evaluation Error: Error while evaluating a Resource Statement, Class\[Apache\]: parameter 'sendfile' expects a match for Enum\['Off', 'On', 'off', 'on'\]}) # rubocop:disable Layout/LineLength end end describe 'sendfile On' do let :params do { sendfile: 'On' } end it { is_expected.to contain_file('/etc/httpd/conf/httpd.conf').with_content %r{^EnableSendfile On\n} } end describe 'sendfile Off' do let :params do { sendfile: 'Off' } end it { is_expected.to contain_file('/etc/httpd/conf/httpd.conf').with_content %r{^EnableSendfile Off\n} } end describe 'hostname lookup with invalid value' do let :params do { hostname_lookups: 'foo' } end it 'fails' do expect { catalogue }.to raise_error(Puppet::Error, %r{Evaluation Error}) end end describe 'hostname_lookups On' do let :params do { hostname_lookups: 'On' } end it { is_expected.to contain_file('/etc/httpd/conf/httpd.conf').with_content %r{^HostnameLookups On\n} } end describe 'hostname_lookups Off' do let :params do { hostname_lookups: 'Off' } end it { is_expected.to contain_file('/etc/httpd/conf/httpd.conf').with_content %r{^HostnameLookups Off\n} } end describe 'hostname_lookups Double' do let :params do { hostname_lookups: 'Double' } end it { is_expected.to contain_file('/etc/httpd/conf/httpd.conf').with_content %r{^HostnameLookups Double\n} } end context 'on Fedora 21' do let :facts do super().merge(operatingsystem: 'Fedora', lsbdistrelease: '21', operatingsystemrelease: '21') end it { is_expected.to contain_class('apache').with_apache_version('2.4') } end context 'on Fedora Rawhide' do let :facts do super().merge(operatingsystem: 'Fedora', lsbdistrelease: 'Rawhide', operatingsystemrelease: 'Rawhide') end it { is_expected.to contain_class('apache').with_apache_version('2.4') } end # kinda obsolete context 'on Fedora 17' do let :facts do super().merge(operatingsystem: 'Fedora', lsbdistrelease: '17', operatingsystemrelease: '17') end it { is_expected.to contain_class('apache').with_apache_version('2.2') } end end context 'on a FreeBSD OS' do let :facts do { id: 'root', kernel: 'FreeBSD', osfamily: 'FreeBSD', operatingsystem: 'FreeBSD', operatingsystemrelease: '10', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', is_pe: false, } end it { is_expected.to contain_class('apache::params') } it { is_expected.to contain_class('apache::package').with('ensure' => 'present') } it { is_expected.to contain_user('www') } it { is_expected.to contain_group('www') } it { is_expected.to contain_class('apache::service') } it { is_expected.to contain_file('/usr/local/www/apache24/data').with( 'ensure' => 'directory', ) } it { is_expected.to contain_file('/usr/local/etc/apache24/Vhosts').with( 'ensure' => 'directory', 'recurse' => 'true', 'purge' => 'true', 'notify' => 'Class[Apache::Service]', 'require' => 'Package[httpd]' ) } it { is_expected.to contain_file('/usr/local/etc/apache24/Modules').with( 'ensure' => 'directory', 'recurse' => 'true', 'purge' => 'true', 'notify' => 'Class[Apache::Service]', 'require' => 'Package[httpd]' ) } it { is_expected.to contain_concat('/usr/local/etc/apache24/ports.conf').with( 'owner' => 'root', 'group' => 'wheel', 'mode' => '0644', 'notify' => 'Class[Apache::Service]' ) } # Assert that load files are placed for these mods, but no conf file. ['auth_basic', 'authn_core', 'authn_file', 'authz_groupfile', 'authz_host', 'authz_user', 'dav', 'env'].each do |modname| it { is_expected.to contain_file("#{modname}.load").with( 'path' => "/usr/local/etc/apache24/Modules/#{modname}.load", 'ensure' => 'file', ) } it { is_expected.not_to contain_file("#{modname}.conf") } end # Assert that both load files and conf files are placed for these mods ['alias', 'autoindex', 'dav_fs', 'deflate', 'dir', 'mime', 'negotiation', 'setenvif'].each do |modname| it { is_expected.to contain_file("#{modname}.load").with( 'path' => "/usr/local/etc/apache24/Modules/#{modname}.load", 'ensure' => 'file', ) } it { is_expected.to contain_file("#{modname}.conf").with( 'path' => "/usr/local/etc/apache24/Modules/#{modname}.conf", 'ensure' => 'file', ) } end end context 'on a Gentoo OS' do let :facts do { id: 'root', kernel: 'Linux', osfamily: 'Gentoo', operatingsystem: 'Gentoo', operatingsystemrelease: '3.16.1-gentoo', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/bin', is_pe: false, } end it { is_expected.to contain_class('apache::params') } it { is_expected.to contain_user('apache') } it { is_expected.to contain_group('apache') } it { is_expected.to contain_class('apache::service') } it { is_expected.to contain_file('/var/www/localhost/htdocs').with( 'ensure' => 'directory', ) } it { is_expected.to contain_file('/etc/apache2/vhosts.d').with( 'ensure' => 'directory', 'recurse' => 'true', 'purge' => 'true', 'notify' => 'Class[Apache::Service]', 'require' => 'Package[httpd]' ) } it { is_expected.to contain_file('/etc/apache2/modules.d').with( 'ensure' => 'directory', 'recurse' => 'true', 'purge' => 'true', 'notify' => 'Class[Apache::Service]', 'require' => 'Package[httpd]' ) } it { is_expected.to contain_concat('/etc/apache2/ports.conf').with( 'owner' => 'root', 'group' => 'wheel', 'mode' => '0644', 'notify' => 'Class[Apache::Service]' ) } end context 'on all OSes' do let :facts do { id: 'root', kernel: 'Linux', osfamily: 'RedHat', operatingsystem: 'RedHat', operatingsystemrelease: '6', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', is_pe: false, } end context 'with a custom apache_name parameter' do let :params do { apache_name: 'httpd24-httpd', } end it { is_expected.to contain_package('httpd').with( 'notify' => 'Class[Apache::Service]', 'ensure' => 'installed', 'name' => 'httpd24-httpd', ) } end context 'with a custom file_mode parameter' do let :params do { file_mode: '0640', } end it { is_expected.to contain_concat('/etc/httpd/conf/ports.conf').with( 'mode' => '0640', ) } end context 'with a custom root_directory_options parameter' do let :params do { root_directory_options: ['-Indexes', '-FollowSymLinks'], } end it { is_expected.to contain_file('/etc/httpd/conf/httpd.conf').with_content %r{Options -Indexes -FollowSymLinks} } end context 'with a custom root_directory_secured parameter and Apache < 2.4' do let :params do { apache_version: '2.2', root_directory_secured: true, } end it { is_expected.to contain_file('/etc/httpd/conf/httpd.conf').with_content %r{Options FollowSymLinks\n\s+AllowOverride None\n\s+Order deny,allow\n\s+Deny from all} } end context 'with a custom root_directory_secured parameter and Apache >= 2.4' do let :params do { apache_version: '2.4', root_directory_secured: true, } end it { is_expected.to contain_file('/etc/httpd/conf/httpd.conf').with_content %r{Options FollowSymLinks\n\s+AllowOverride None\n\s+Require all denied} } end context 'default vhost defaults' do it { is_expected.to contain_apache__vhost('default').with_ensure('present') } it { is_expected.to contain_apache__vhost('default-ssl').with_ensure('absent') } it { is_expected.to contain_file('/etc/httpd/conf/httpd.conf').with_content %r{Options FollowSymLinks} } end context 'without default non-ssl vhost' do let :params do { default_vhost: false, } end it { is_expected.to contain_apache__vhost('default').with_ensure('absent') } it { is_expected.not_to contain_file('/var/www/html') } end context 'with default ssl vhost' do let :params do { default_ssl_vhost: true, } end it { is_expected.to contain_apache__vhost('default-ssl').with_ensure('present') } it { is_expected.to contain_file('/var/www/html') } end end context 'with unsupported osfamily' do let :facts do { osfamily: 'Darwin', operatingsystemrelease: '13.1.0', is_pe: false } end it do expect { catalogue }.to raise_error(Puppet::Error, %r{Unsupported osfamily}) end end end diff --git a/spec/classes/dev_spec.rb b/spec/classes/dev_spec.rb index 7ef4281f..96ec70aa 100644 --- a/spec/classes/dev_spec.rb +++ b/spec/classes/dev_spec.rb @@ -1,34 +1,36 @@ +# frozen_string_literal: true + require 'spec_helper' describe 'apache::dev' do on_supported_os.each do |os, facts| context "on #{os} " do let :facts do facts end context 'with all defaults' do let(:pre_condition) do [ 'include apache', ] end it { is_expected.to compile.with_all_deps } it { is_expected.to contain_class('apache::params') } case facts[:os]['name'] when 'Debian' it { is_expected.to contain_package('libaprutil1-dev') } it { is_expected.to contain_package('libapr1-dev') } if facts[:os]['release']['major'].to_i < 8 it { is_expected.to contain_package('apache2-prefork-dev') } end when 'Ubuntu' it { is_expected.to contain_package('apache2-dev') } when 'RedHat' it { is_expected.to contain_package('httpd-devel') } end end end end end diff --git a/spec/classes/mod/alias_spec.rb b/spec/classes/mod/alias_spec.rb index fc0a84f1..4974211c 100644 --- a/spec/classes/mod/alias_spec.rb +++ b/spec/classes/mod/alias_spec.rb @@ -1,137 +1,139 @@ +# frozen_string_literal: true + require 'spec_helper' describe 'apache::mod::alias', type: :class do it_behaves_like 'a mod class, without including apache' context 'default configuration with parameters' do context 'on a Debian OS', :compile do let :facts do { id: 'root', kernel: 'Linux', lsbdistcodename: 'jessie', osfamily: 'Debian', operatingsystem: 'Debian', operatingsystemrelease: '8', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', is_pe: false, } end it { is_expected.to contain_apache__mod('alias') } it { is_expected.to contain_file('alias.conf').with(content: %r{Alias \/icons\/ "\/usr\/share\/apache2\/icons\/"}) } end context 'on a RedHat 6-based OS', :compile do let :facts do { id: 'root', kernel: 'Linux', osfamily: 'RedHat', operatingsystem: 'RedHat', operatingsystemrelease: '6', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', is_pe: false, } end it { is_expected.to contain_apache__mod('alias') } it { is_expected.to contain_file('alias.conf').with(content: %r{Alias \/icons\/ "\/var\/www\/icons\/"}) } end context 'on a RedHat 7-based OS', :compile do let :facts do { id: 'root', kernel: 'Linux', osfamily: 'RedHat', operatingsystem: 'RedHat', operatingsystemrelease: '7', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', is_pe: false, } end it { is_expected.to contain_apache__mod('alias') } it { is_expected.to contain_file('alias.conf').with(content: %r{Alias \/icons\/ "\/usr\/share\/httpd\/icons\/"}) } end context 'on a RedHat 8-based OS', :compile do let :facts do { id: 'root', kernel: 'Linux', osfamily: 'RedHat', operatingsystem: 'RedHat', operatingsystemrelease: '8', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', is_pe: false, } end it { is_expected.to contain_apache__mod('alias') } it { is_expected.to contain_file('alias.conf').with(content: %r{Alias \/icons\/ "\/usr\/share\/httpd\/icons\/"}) } end context 'with icons options', :compile do let :pre_condition do 'class { apache: default_mods => false }' end let :facts do { id: 'root', kernel: 'Linux', osfamily: 'RedHat', operatingsystem: 'RedHat', operatingsystemrelease: '7', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', is_pe: false, } end let :params do { 'icons_options' => 'foo', } end it { is_expected.to contain_apache__mod('alias') } it { is_expected.to contain_file('alias.conf').with(content: %r{Options foo}) } end context 'with icons path change', :compile do let :pre_condition do 'class { apache: default_mods => false }' end let :facts do { id: 'root', kernel: 'Linux', osfamily: 'RedHat', operatingsystem: 'RedHat', operatingsystemrelease: '7', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', is_pe: false, } end let :params do { 'icons_prefix' => 'apache-icons', } end it { is_expected.to contain_apache__mod('alias') } it { is_expected.to contain_file('alias.conf').with(content: %r{Alias \/apache-icons\/ "\/usr\/share\/httpd\/icons\/"}) } end context 'on a FreeBSD OS', :compile do let :facts do { id: 'root', kernel: 'FreeBSD', osfamily: 'FreeBSD', operatingsystem: 'FreeBSD', operatingsystemrelease: '10', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', is_pe: false, } end it { is_expected.to contain_apache__mod('alias') } it { is_expected.to contain_file('alias.conf').with(content: %r{Alias \/icons\/ "\/usr\/local\/www\/apache24\/icons\/"}) } end end end diff --git a/spec/classes/mod/auth_cas_spec.rb b/spec/classes/mod/auth_cas_spec.rb index fe64fb3e..f9686b22 100644 --- a/spec/classes/mod/auth_cas_spec.rb +++ b/spec/classes/mod/auth_cas_spec.rb @@ -1,92 +1,94 @@ +# frozen_string_literal: true + require 'spec_helper' describe 'apache::mod::auth_cas', type: :class do context 'default params' do let :params do { cas_login_url: 'https://cas.example.com/login', cas_validate_url: 'https://cas.example.com/validate', cas_cookie_path: '/var/cache/apache2/mod_auth_cas/', } end it_behaves_like 'a mod class, without including apache' end context 'default configuration with parameters' do let :params do { cas_login_url: 'https://cas.example.com/login', cas_validate_url: 'https://cas.example.com/validate', } end context 'on a Debian OS', :compile do let :facts do { id: 'root', kernel: 'Linux', lsbdistcodename: 'jessie', osfamily: 'Debian', operatingsystem: 'Debian', operatingsystemrelease: '8', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', is_pe: false, } end it { is_expected.to contain_class('apache::params') } it { is_expected.to contain_apache__mod('auth_cas') } it { is_expected.to contain_package('libapache2-mod-auth-cas') } it { is_expected.to contain_file('auth_cas.conf').with_path('/etc/apache2/mods-available/auth_cas.conf') } it { is_expected.to contain_file('/var/cache/apache2/mod_auth_cas/').with_owner('www-data') } end context 'on a RedHat OS', :compile do let :facts do { id: 'root', kernel: 'Linux', osfamily: 'RedHat', operatingsystem: 'RedHat', operatingsystemrelease: '6', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', is_pe: false, } end it { is_expected.to contain_class('apache::params') } it { is_expected.to contain_apache__mod('auth_cas') } it { is_expected.to contain_package('mod_auth_cas') } it { is_expected.to contain_file('auth_cas.conf').with_path('/etc/httpd/conf.d/auth_cas.conf') } it { is_expected.to contain_file('/var/cache/mod_auth_cas/').with_owner('apache') } end context 'vhost setup', :compile do let :pre_condition do "class { 'apache': } apache::vhost { 'test.server': docroot => '/var/www/html', cas_root_proxied_as => 'http://test.server', cas_cookie_path => '/my/cas/path'} " end let :facts do { id: 'root', kernel: 'Linux', osfamily: 'RedHat', operatingsystem: 'RedHat', operatingsystemrelease: '6', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', is_pe: false, } end it { is_expected.to contain_class('apache::params') } it { is_expected.to contain_apache__mod('auth_cas') } it { is_expected.to contain_package('mod_auth_cas') } it { is_expected.to contain_file('auth_cas.conf').with_path('/etc/httpd/conf.d/auth_cas.conf') } it { is_expected.to contain_file('/var/cache/mod_auth_cas/').with_owner('apache') } it { is_expected.to contain_concat__fragment('test.server-auth_cas').with(content: %r{^\s+CASRootProxiedAs http://test.server$}) is_expected.to contain_concat__fragment('test.server-auth_cas').with(content: %r{^\s+CASCookiePath /my/cas/path$}) } end end end diff --git a/spec/classes/mod/auth_gssapi_spec.rb b/spec/classes/mod/auth_gssapi_spec.rb index 96b95ba4..fbb0763a 100644 --- a/spec/classes/mod/auth_gssapi_spec.rb +++ b/spec/classes/mod/auth_gssapi_spec.rb @@ -1,77 +1,79 @@ +# frozen_string_literal: true + require 'spec_helper' describe 'apache::mod::auth_gssapi', type: :class do it_behaves_like 'a mod class, without including apache' context 'default configuration with parameters' do context 'on a Debian OS', :compile do let :facts do { id: 'root', kernel: 'Linux', lsbdistcodename: 'squeeze', osfamily: 'Debian', operatingsystem: 'Debian', operatingsystemrelease: '6', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', is_pe: false, } end it { is_expected.to contain_class('apache::params') } it { is_expected.to contain_apache__mod('auth_gssapi') } it { is_expected.to contain_package('libapache2-mod-auth-gssapi') } end context 'on a RedHat OS', :compile do let :facts do { id: 'root', kernel: 'Linux', osfamily: 'RedHat', operatingsystem: 'RedHat', operatingsystemrelease: '6', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', is_pe: false, } end it { is_expected.to contain_class('apache::params') } it { is_expected.to contain_apache__mod('auth_gssapi') } it { is_expected.to contain_package('mod_auth_gssapi') } end context 'on a FreeBSD OS', :compile do let :facts do { id: 'root', kernel: 'FreeBSD', osfamily: 'FreeBSD', operatingsystem: 'FreeBSD', operatingsystemrelease: '9', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', is_pe: false, } end it { is_expected.to contain_class('apache::params') } it { is_expected.to contain_apache__mod('auth_gssapi') } it { is_expected.to contain_package('www/mod_auth_gssapi') } end context 'on a Gentoo OS', :compile do let :facts do { id: 'root', kernel: 'Linux', osfamily: 'Gentoo', operatingsystem: 'Gentoo', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/bin', operatingsystemrelease: '3.16.1-gentoo', is_pe: false, } end it { is_expected.to contain_class('apache::params') } it { is_expected.to contain_apache__mod('auth_gssapi') } it { is_expected.to contain_package('www-apache/mod_auth_gssapi') } end end end diff --git a/spec/classes/mod/auth_kerb_spec.rb b/spec/classes/mod/auth_kerb_spec.rb index 87177e86..a4a09dc1 100644 --- a/spec/classes/mod/auth_kerb_spec.rb +++ b/spec/classes/mod/auth_kerb_spec.rb @@ -1,106 +1,108 @@ +# frozen_string_literal: true + require 'spec_helper' describe 'apache::mod::auth_kerb', type: :class do it_behaves_like 'a mod class, without including apache' context 'default configuration with parameters' do context 'on a Debian OS', :compile do let :facts do { id: 'root', kernel: 'Linux', lsbdistcodename: 'jessie', osfamily: 'Debian', operatingsystem: 'Debian', operatingsystemrelease: '8', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', is_pe: false, } end it { is_expected.to contain_class('apache::params') } it { is_expected.to contain_apache__mod('auth_kerb') } it { is_expected.to contain_package('libapache2-mod-auth-kerb') } end context 'on a RedHat OS', :compile do let :facts do { id: 'root', kernel: 'Linux', osfamily: 'RedHat', operatingsystem: 'RedHat', operatingsystemrelease: '6', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', is_pe: false, } end it { is_expected.to contain_class('apache::params') } it { is_expected.to contain_apache__mod('auth_kerb') } it { is_expected.to contain_package('mod_auth_kerb') } end context 'on a FreeBSD OS', :compile do let :facts do { id: 'root', kernel: 'FreeBSD', osfamily: 'FreeBSD', operatingsystem: 'FreeBSD', operatingsystemrelease: '9', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', is_pe: false, } end it { is_expected.to contain_class('apache::params') } it { is_expected.to contain_apache__mod('auth_kerb') } it { is_expected.to contain_package('www/mod_auth_kerb2') } end context 'on a Gentoo OS', :compile do let :facts do { id: 'root', kernel: 'Linux', osfamily: 'Gentoo', operatingsystem: 'Gentoo', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/bin', operatingsystemrelease: '3.16.1-gentoo', is_pe: false, } end it { is_expected.to contain_class('apache::params') } it { is_expected.to contain_apache__mod('auth_kerb') } it { is_expected.to contain_package('www-apache/mod_auth_kerb') } end end context 'overriding mod_packages' do context 'on a RedHat OS', :compile do let :facts do { id: 'root', kernel: 'Linux', osfamily: 'RedHat', operatingsystem: 'RedHat', operatingsystemrelease: '6', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', is_pe: false, } end let :pre_condition do <<-MANIFEST include apache::params class { 'apache': mod_packages => merge($::apache::params::mod_packages, { 'auth_kerb' => 'httpd24-mod_auth_kerb', }) } MANIFEST end it { is_expected.to contain_apache__mod('auth_kerb') } it { is_expected.to contain_package('httpd24-mod_auth_kerb') } it { is_expected.not_to contain_package('mod_auth_kerb') } end end end diff --git a/spec/classes/mod/auth_mellon_spec.rb b/spec/classes/mod/auth_mellon_spec.rb index 86dca275..1a915a08 100644 --- a/spec/classes/mod/auth_mellon_spec.rb +++ b/spec/classes/mod/auth_mellon_spec.rb @@ -1,87 +1,89 @@ +# frozen_string_literal: true + require 'spec_helper' describe 'apache::mod::auth_mellon', type: :class do it_behaves_like 'a mod class, without including apache' context 'default configuration with parameters on a Debian OS' do let :facts do { osfamily: 'Debian', operatingsystemrelease: '8', lsbdistcodename: 'jessie', operatingsystem: 'Debian', id: 'root', kernel: 'Linux', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', fqdn: 'test.example.com', is_pe: false, } end describe 'with no parameters' do it { is_expected.to contain_apache__mod('auth_mellon') } it { is_expected.to contain_package('libapache2-mod-auth-mellon') } it { is_expected.to contain_file('auth_mellon.conf').with_path('/etc/apache2/mods-available/auth_mellon.conf') } it { is_expected.to contain_file('auth_mellon.conf').with_content("MellonPostDirectory \"\/var\/cache\/apache2\/mod_auth_mellon\/\"\n") } end describe 'with parameters' do let :params do { mellon_cache_size: '200', mellon_cache_entry_size: '2010', mellon_lock_file: '/tmp/junk', mellon_post_directory: '/tmp/post', mellon_post_ttl: '5', mellon_post_size: '8', mellon_post_count: '10' } end it { is_expected.to contain_file('auth_mellon.conf').with_content(%r{^MellonCacheSize\s+200$}) } it { is_expected.to contain_file('auth_mellon.conf').with_content(%r{^MellonCacheEntrySize\s+2010$}) } it { is_expected.to contain_file('auth_mellon.conf').with_content(%r{^MellonLockFile\s+"\/tmp\/junk"$}) } it { is_expected.to contain_file('auth_mellon.conf').with_content(%r{^MellonPostDirectory\s+"\/tmp\/post"$}) } it { is_expected.to contain_file('auth_mellon.conf').with_content(%r{^MellonPostTTL\s+5$}) } it { is_expected.to contain_file('auth_mellon.conf').with_content(%r{^MellonPostSize\s+8$}) } it { is_expected.to contain_file('auth_mellon.conf').with_content(%r{^MellonPostCount\s+10$}) } end end context 'default configuration with parameters on a RedHat OS' do let :facts do { osfamily: 'RedHat', operatingsystemrelease: '6', operatingsystem: 'RedHat', id: 'root', kernel: 'Linux', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', fqdn: 'test.example.com', is_pe: false, } end describe 'with no parameters' do it { is_expected.to contain_apache__mod('auth_mellon') } it { is_expected.to contain_package('mod_auth_mellon') } it { is_expected.to contain_file('auth_mellon.conf').with_path('/etc/httpd/conf.d/auth_mellon.conf') } it { is_expected.to contain_file('auth_mellon.conf').with_content("MellonCacheSize 100\nMellonLockFile \"/run/mod_auth_mellon/lock\"\n") } end describe 'with parameters' do let :params do { mellon_cache_size: '200', mellon_cache_entry_size: '2010', mellon_lock_file: '/tmp/junk', mellon_post_directory: '/tmp/post', mellon_post_ttl: '5', mellon_post_size: '8', mellon_post_count: '10' } end it { is_expected.to contain_file('auth_mellon.conf').with_content(%r{^MellonCacheSize\s+200$}) } it { is_expected.to contain_file('auth_mellon.conf').with_content(%r{^MellonCacheEntrySize\s+2010$}) } it { is_expected.to contain_file('auth_mellon.conf').with_content(%r{^MellonLockFile\s+"\/tmp\/junk"$}) } it { is_expected.to contain_file('auth_mellon.conf').with_content(%r{^MellonPostDirectory\s+"\/tmp\/post"$}) } it { is_expected.to contain_file('auth_mellon.conf').with_content(%r{^MellonPostTTL\s+5$}) } it { is_expected.to contain_file('auth_mellon.conf').with_content(%r{^MellonPostSize\s+8$}) } it { is_expected.to contain_file('auth_mellon.conf').with_content(%r{^MellonPostCount\s+10$}) } end end end diff --git a/spec/classes/mod/auth_openidc_spec.rb b/spec/classes/mod/auth_openidc_spec.rb index 3f1d640c..a0309da8 100644 --- a/spec/classes/mod/auth_openidc_spec.rb +++ b/spec/classes/mod/auth_openidc_spec.rb @@ -1,89 +1,91 @@ +# frozen_string_literal: true + require 'spec_helper' describe 'apache::mod::auth_openidc', type: :class do it_behaves_like 'a mod class, without including apache' context 'default configuration with parameters' do context 'on a Debian OS', :compile do let :facts do { id: 'root', kernel: 'Linux', lsbdistcodename: 'jessie', osfamily: 'Debian', operatingsystem: 'Debian', operatingsystemrelease: '8', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', is_pe: false, } end it { is_expected.to contain_class('apache::params') } it { is_expected.to contain_apache__mod('auth_openidc') } it { is_expected.to contain_package('libapache2-mod-auth-openidc') } end context 'on a RedHat OS', :compile do let :facts do { id: 'root', kernel: 'Linux', osfamily: 'RedHat', operatingsystem: 'RedHat', operatingsystemrelease: '6', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', is_pe: false, } end it { is_expected.to contain_class('apache::params') } it { is_expected.to contain_apache__mod('auth_openidc') } it { is_expected.to contain_package('mod_auth_openidc') } end context 'on a FreeBSD OS', :compile do let :facts do { id: 'root', kernel: 'FreeBSD', osfamily: 'FreeBSD', operatingsystem: 'FreeBSD', operatingsystemrelease: '9', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', is_pe: false, } end it { is_expected.to contain_class('apache::params') } it { is_expected.to contain_apache__mod('auth_openidc') } it { is_expected.to contain_package('www/mod_auth_openidc') } end end context 'overriding mod_packages' do context 'on a RedHat OS', :compile do let :facts do { id: 'root', kernel: 'Linux', osfamily: 'RedHat', operatingsystem: 'RedHat', operatingsystemrelease: '6', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', is_pe: false, } end let :pre_condition do <<-MANIFEST include apache::params class { 'apache': mod_packages => merge($::apache::params::mod_packages, { 'auth_openidc' => 'httpd24-mod_auth_openidc', }) } MANIFEST end it { is_expected.to contain_apache__mod('auth_openidc') } it { is_expected.to contain_package('httpd24-mod_auth_openidc') } it { is_expected.not_to contain_package('mod_auth_openidc') } end end end diff --git a/spec/classes/mod/authn_dbd_spec.rb b/spec/classes/mod/authn_dbd_spec.rb index a40fc504..0f78816f 100644 --- a/spec/classes/mod/authn_dbd_spec.rb +++ b/spec/classes/mod/authn_dbd_spec.rb @@ -1,62 +1,64 @@ +# frozen_string_literal: true + require 'spec_helper' describe 'apache::mod::authn_dbd', type: :class do context 'default params' do let :params do { authn_dbd_params: 'host=db_host port=3306 user=apache password=###### dbname=apache_auth', } end it_behaves_like 'a mod class, without including apache' end context 'default configuration with parameters' do let :params do { authn_dbd_params: 'host=db_host port=3306 user=apache password=###### dbname=apache_auth', authn_dbd_alias: 'db_authn', authn_dbd_query: 'SELECT password FROM authn WHERE username = %s', } end context 'on a Debian OS', :compile do let :facts do { id: 'root', kernel: 'Linux', lsbdistcodename: 'jessie', osfamily: 'Debian', operatingsystem: 'Debian', operatingsystemrelease: '8', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', is_pe: false, } end it { is_expected.to contain_class('apache::params') } it { is_expected.to contain_apache__mod('authn_dbd') } it { is_expected.to contain_apache__mod('dbd') } it { is_expected.to contain_file('authn_dbd.conf').with_path('/etc/apache2/mods-available/authn_dbd.conf') } end context 'on a RedHat OS', :compile do let :facts do { id: 'root', kernel: 'Linux', osfamily: 'RedHat', operatingsystem: 'RedHat', operatingsystemrelease: '6', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', is_pe: false, } end it { is_expected.to contain_class('apache::params') } it { is_expected.to contain_apache__mod('authn_dbd') } it { is_expected.to contain_apache__mod('dbd') } it { is_expected.to contain_file('authn_dbd.conf').with_path('/etc/httpd/conf.d/authn_dbd.conf') } end end end diff --git a/spec/classes/mod/authnz_ldap_spec.rb b/spec/classes/mod/authnz_ldap_spec.rb index baa76dc2..307b16d7 100644 --- a/spec/classes/mod/authnz_ldap_spec.rb +++ b/spec/classes/mod/authnz_ldap_spec.rb @@ -1,93 +1,95 @@ +# frozen_string_literal: true + require 'spec_helper' describe 'apache::mod::authnz_ldap', type: :class do it_behaves_like 'a mod class, without including apache' context 'default configuration with parameters on a Debian OS' do let :facts do { lsbdistcodename: 'jessie', osfamily: 'Debian', operatingsystemrelease: '8', id: 'root', kernel: 'Linux', operatingsystem: 'Debian', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', is_pe: false, } end it { is_expected.to contain_class('apache::params') } it { is_expected.to contain_class('apache::mod::ldap') } it { is_expected.to contain_apache__mod('authnz_ldap') } context 'default verify_server_cert' do it { is_expected.to contain_file('authnz_ldap.conf').with_content(%r{^LDAPVerifyServerCert On$}) } end context 'verify_server_cert = false' do let(:params) { { verify_server_cert: false } } it { is_expected.to contain_file('authnz_ldap.conf').with_content(%r{^LDAPVerifyServerCert Off$}) } end context 'verify_server_cert = wrong' do let(:params) { { verify_server_cert: 'wrong' } } it 'raises an error' do expect { is_expected.to raise_error Puppet::Error } end end end # Debian context 'default configuration with parameters on a RedHat OS' do on_supported_os.each do |os, os_facts| next unless os.start_with?('redhat') context "On #{os}" do let :facts do os_facts end it { is_expected.to contain_class('apache::params') } it { is_expected.to contain_class('apache::mod::ldap') } it { is_expected.to contain_apache__mod('authnz_ldap') } if os_facts[:operatingsystemmajrelease].to_i >= 7 it { is_expected.to contain_package('mod_ldap') } else it { is_expected.to contain_package('mod_authz_ldap') } end context 'default verify_server_cert' do it { is_expected.to contain_file('authnz_ldap.conf').with_content(%r{^LDAPVerifyServerCert On$}) } end context 'verify_server_cert = false' do let(:params) { { verify_server_cert: false } } it { is_expected.to contain_file('authnz_ldap.conf').with_content(%r{^LDAPVerifyServerCert Off$}) } end context 'verify_server_cert = wrong' do let(:params) { { verify_server_cert: 'wrong' } } it 'raises an error' do expect { is_expected.to raise_error Puppet::Error } end end context 'SCL', if: (os_facts[:operatingsystemmajrelease].to_i >= 6 && os_facts[:operatingsystemmajrelease].to_i < 8) do let(:pre_condition) do "class { 'apache::version': scl_httpd_version => '2.4', scl_php_version => '7.0', } include apache" end it { is_expected.to contain_package('httpd24-mod_ldap') } end end end end # Redhat end diff --git a/spec/classes/mod/authnz_pam_spec.rb b/spec/classes/mod/authnz_pam_spec.rb index 2438c1c8..92bc157b 100644 --- a/spec/classes/mod/authnz_pam_spec.rb +++ b/spec/classes/mod/authnz_pam_spec.rb @@ -1,44 +1,46 @@ +# frozen_string_literal: true + require 'spec_helper' describe 'apache::mod::authnz_pam', type: :class do it_behaves_like 'a mod class, without including apache' context 'default configuration with parameters' do context 'on a Debian OS' do let :facts do { lsbdistcodename: 'jessie', osfamily: 'Debian', operatingsystemrelease: '8', id: 'root', kernel: 'Linux', operatingsystem: 'Debian', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', is_pe: false, } end it { is_expected.to contain_class('apache') } it { is_expected.to contain_package('libapache2-mod-authnz-pam') } it { is_expected.to contain_apache__mod('authnz_pam') } end # Debian context 'on a RedHat OS' do let :facts do { osfamily: 'RedHat', operatingsystemrelease: '8', id: 'root', kernel: 'Linux', operatingsystem: 'RedHat', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', is_pe: false, } end it { is_expected.to contain_class('apache') } it { is_expected.to contain_package('mod_authnz_pam') } it { is_expected.to contain_apache__mod('authnz_pam') } end # Redhat end end diff --git a/spec/classes/mod/cluster_spec.rb b/spec/classes/mod/cluster_spec.rb index 2862b725..998ab1d7 100644 --- a/spec/classes/mod/cluster_spec.rb +++ b/spec/classes/mod/cluster_spec.rb @@ -1,102 +1,104 @@ +# frozen_string_literal: true + require 'spec_helper' describe 'apache::mod::cluster', type: :class do context 'on a RedHat OS Release 7 with mod version = 1.3.0' do let :facts do { osfamily: 'RedHat', operatingsystemrelease: '7', operatingsystem: 'RedHat', id: 'root', kernel: 'Linux', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', is_pe: false, } end let(:params) do { allowed_network: '172.17.0', balancer_name: 'mycluster', ip: '172.17.0.1', version: '1.3.0', } end it { is_expected.to contain_class('apache') } it { is_expected.to contain_apache__mod('proxy') } it { is_expected.to contain_apache__mod('proxy_ajp') } it { is_expected.to contain_apache__mod('manager') } it { is_expected.to contain_apache__mod('proxy_cluster') } it { is_expected.to contain_apache__mod('advertise') } it { is_expected.to contain_apache__mod('cluster_slotmem') } it { is_expected.to contain_file('cluster.conf') } end context 'on a RedHat OS Release 7 with mod version > 1.3.0' do let :facts do { osfamily: 'RedHat', operatingsystemrelease: '7', operatingsystem: 'RedHat', id: 'root', kernel: 'Linux', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', is_pe: false, } end let(:params) do { allowed_network: '172.17.0', balancer_name: 'mycluster', ip: '172.17.0.1', version: '1.3.1', } end it { is_expected.to contain_class('apache') } it { is_expected.to contain_apache__mod('proxy') } it { is_expected.to contain_apache__mod('proxy_ajp') } it { is_expected.to contain_apache__mod('manager') } it { is_expected.to contain_apache__mod('proxy_cluster') } it { is_expected.to contain_apache__mod('advertise') } it { is_expected.to contain_apache__mod('cluster_slotmem') } it { is_expected.to contain_file('cluster.conf') } end context 'on a RedHat OS Release 6 with mod version < 1.3.0' do let :facts do { osfamily: 'RedHat', operatingsystemrelease: '6', operatingsystem: 'RedHat', id: 'root', kernel: 'Linux', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', is_pe: false, } end let(:params) do { allowed_network: '172.17.0', balancer_name: 'mycluster', ip: '172.17.0.1', version: '1.2.0', } end it { is_expected.to contain_class('apache') } it { is_expected.to contain_apache__mod('proxy') } it { is_expected.to contain_apache__mod('proxy_ajp') } it { is_expected.to contain_apache__mod('manager') } it { is_expected.to contain_apache__mod('proxy_cluster') } it { is_expected.to contain_apache__mod('advertise') } it { is_expected.to contain_apache__mod('slotmem') } it { is_expected.to contain_file('cluster.conf') } end end diff --git a/spec/classes/mod/data_spec.rb b/spec/classes/mod/data_spec.rb index 7efb3c2a..226918d7 100644 --- a/spec/classes/mod/data_spec.rb +++ b/spec/classes/mod/data_spec.rb @@ -1,32 +1,34 @@ +# frozen_string_literal: true + require 'spec_helper' describe 'apache::mod::data', type: :class do context 'on a Debian OS' do let :facts do { osfamily: 'Debian', operatingsystemrelease: '8', lsbdistcodename: 'jessie', operatingsystem: 'Debian', id: 'root', kernel: 'Linux', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', } end let :params do { apache_version: '2.4' } end it { is_expected.to contain_apache__mod('data') } describe 'with Apache version < 2.3' do let :params do { apache_version: '2.2' } end it 'fails' do expect { catalogue }.to raise_error(Puppet::Error, %r{mod_data is only available in Apache 2.3 and later}) end end end end diff --git a/spec/classes/mod/dav_svn_spec.rb b/spec/classes/mod/dav_svn_spec.rb index 21d8406c..1d773b3b 100644 --- a/spec/classes/mod/dav_svn_spec.rb +++ b/spec/classes/mod/dav_svn_spec.rb @@ -1,138 +1,140 @@ +# frozen_string_literal: true + require 'spec_helper' describe 'apache::mod::dav_svn', type: :class do it_behaves_like 'a mod class, without including apache' context 'default configuration with parameters' do context 'on a Debian OS' do let :facts do { lsbdistcodename: 'jessie', osfamily: 'Debian', operatingsystemrelease: '8', operatingsystemmajrelease: '8', operatingsystem: 'Debian', id: 'root', kernel: 'Linux', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', is_pe: false, } end it { is_expected.to contain_class('apache::params') } it { is_expected.to contain_apache__mod('dav_svn') } it { is_expected.to contain_package('libapache2-svn') } it { is_expected.to contain_file('dav_svn.load').with_content(%r{LoadModule dav_svn_module}) } describe 'with parameters' do let :params do { 'authz_svn_enabled' => true, } end it { is_expected.to contain_class('apache::params') } it { is_expected.to contain_apache__mod('dav_svn') } it { is_expected.to contain_package('libapache2-svn') } it { is_expected.to contain_apache__mod('authz_svn') } it { is_expected.to contain_file('authz_svn.load').with_content(%r{LoadModule authz_svn_module}) } end end context 'on a RedHat OS' do let :facts do { osfamily: 'RedHat', operatingsystemrelease: '6', operatingsystemmajrelease: '6', operatingsystem: 'RedHat', id: 'root', kernel: 'Linux', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', is_pe: false, } end it { is_expected.to contain_class('apache::params') } it { is_expected.to contain_apache__mod('dav_svn') } it { is_expected.to contain_package('mod_dav_svn') } it { is_expected.to contain_file('dav_svn.load').with_content(%r{LoadModule dav_svn_module}) } describe 'with parameters' do let :params do { 'authz_svn_enabled' => true, } end it { is_expected.to contain_class('apache::params') } it { is_expected.to contain_apache__mod('dav_svn') } it { is_expected.to contain_package('mod_dav_svn') } it { is_expected.to contain_apache__mod('authz_svn') } it { is_expected.to contain_file('dav_svn_authz_svn.load').with_content(%r{LoadModule authz_svn_module}) } end end context 'on a FreeBSD OS' do let :facts do { osfamily: 'FreeBSD', operatingsystemrelease: '9', operatingsystemmajrelease: '9', operatingsystem: 'FreeBSD', id: 'root', kernel: 'Linux', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', is_pe: false, } end it { is_expected.to contain_class('apache::params') } it { is_expected.to contain_apache__mod('dav_svn') } it { is_expected.to contain_package('devel/subversion') } it { is_expected.to contain_file('dav_svn.load').with_content(%r{LoadModule dav_svn_module}) } describe 'with parameters' do let :params do { 'authz_svn_enabled' => true, } end it { is_expected.to contain_class('apache::params') } it { is_expected.to contain_apache__mod('dav_svn') } it { is_expected.to contain_package('devel/subversion') } it { is_expected.to contain_apache__mod('authz_svn') } it { is_expected.to contain_file('dav_svn_authz_svn.load').with_content(%r{LoadModule authz_svn_module}) } end end context 'on a Gentoo OS', :compile do let :facts do { id: 'root', operatingsystemrelease: '3.16.1-gentoo', kernel: 'Linux', osfamily: 'Gentoo', operatingsystem: 'Gentoo', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/bin', is_pe: false, } end it { is_expected.to contain_class('apache::params') } it { is_expected.to contain_apache__mod('dav_svn') } it { is_expected.to contain_package('dev-vcs/subversion') } it { is_expected.to contain_file('dav_svn.load').with_content(%r{LoadModule dav_svn_module}) } describe 'with parameters' do let :params do { 'authz_svn_enabled' => true, } end it { is_expected.to contain_class('apache::params') } it { is_expected.to contain_apache__mod('dav_svn') } it { is_expected.to contain_package('dev-vcs/subversion') } it { is_expected.to contain_apache__mod('authz_svn') } it { is_expected.to contain_file('dav_svn_authz_svn.load').with_content(%r{LoadModule authz_svn_module}) } end end end end diff --git a/spec/classes/mod/deflate_spec.rb b/spec/classes/mod/deflate_spec.rb index b32f6226..1770cd6c 100644 --- a/spec/classes/mod/deflate_spec.rb +++ b/spec/classes/mod/deflate_spec.rb @@ -1,127 +1,129 @@ +# frozen_string_literal: true + require 'spec_helper' # This function is called inside the OS specific contexts def general_deflate_specs it { is_expected.to contain_apache__mod('deflate') } expected = "AddOutputFilterByType DEFLATE application/rss+xml\n"\ "AddOutputFilterByType DEFLATE application/x-javascript\n"\ "AddOutputFilterByType DEFLATE text/css\n"\ "AddOutputFilterByType DEFLATE text/html\n"\ "\n"\ "DeflateFilterNote Input instream\n"\ "DeflateFilterNote Output outstream\n"\ "DeflateFilterNote Ratio ratio\n" it do is_expected.to contain_file('deflate.conf').with_content(expected) end end describe 'apache::mod::deflate', type: :class do it_behaves_like 'a mod class, without including apache' context 'default configuration with parameters' do let :pre_condition do 'class { "apache::mod::deflate": types => [ "text/html", "text/css" , "application/x-javascript", "application/rss+xml"], notes => { "Input" => "instream", "Ratio" => "ratio", "Output" => "outstream", } } ' end context 'On a Debian OS with default params' do let :facts do { id: 'root', lsbdistcodename: 'jessie', kernel: 'Linux', osfamily: 'Debian', operatingsystem: 'Debian', operatingsystemrelease: '8', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', is_pe: false, } end # Load the more generic tests for this context general_deflate_specs it { is_expected.to contain_file('deflate.conf').with(ensure: 'file', path: '/etc/apache2/mods-available/deflate.conf') } it { is_expected.to contain_file('deflate.conf symlink').with(ensure: 'link', path: '/etc/apache2/mods-enabled/deflate.conf') } end context 'on a RedHat OS with default params' do let :facts do { id: 'root', kernel: 'Linux', osfamily: 'RedHat', operatingsystem: 'RedHat', operatingsystemrelease: '6', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', is_pe: false, } end # Load the more generic tests for this context general_deflate_specs it { is_expected.to contain_file('deflate.conf').with_path('/etc/httpd/conf.d/deflate.conf') } end context 'On a FreeBSD OS with default params' do let :facts do { id: 'root', kernel: 'FreeBSD', osfamily: 'FreeBSD', operatingsystem: 'FreeBSD', operatingsystemrelease: '9', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', is_pe: false, } end # Load the more generic tests for this context general_deflate_specs it { is_expected.to contain_file('deflate.conf').with(ensure: 'file', path: '/usr/local/etc/apache24/Modules/deflate.conf') } end context 'On a Gentoo OS with default params' do let :facts do { id: 'root', kernel: 'Linux', osfamily: 'Gentoo', operatingsystem: 'Gentoo', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/bin', operatingsystemrelease: '3.16.1-gentoo', is_pe: false, } end # Load the more generic tests for this context general_deflate_specs it { is_expected.to contain_file('deflate.conf').with(ensure: 'file', path: '/etc/apache2/modules.d/deflate.conf') } end end end diff --git a/spec/classes/mod/dev_spec.rb b/spec/classes/mod/dev_spec.rb index 93046344..9294597c 100644 --- a/spec/classes/mod/dev_spec.rb +++ b/spec/classes/mod/dev_spec.rb @@ -1,34 +1,36 @@ +# frozen_string_literal: true + require 'spec_helper' describe 'apache::mod::dev', type: :class do let(:pre_condition) do [ 'include apache', ] end it_behaves_like 'a mod class, without including apache' [ ['RedHat', '6', 'Santiago', 'Linux'], ['Debian', '8', 'jessie', 'Linux'], ['FreeBSD', '9', 'FreeBSD', 'FreeBSD'], ].each do |osfamily, operatingsystemrelease, lsbdistcodename, kernel| context "on a #{osfamily} OS" do let :facts do { lsbdistcodename: lsbdistcodename, osfamily: osfamily, operatingsystem: osfamily, operatingsystemrelease: operatingsystemrelease, is_pe: false, id: 'root', path: '/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin', kernel: kernel, } end it { is_expected.to contain_class('apache::dev') } end end end diff --git a/spec/classes/mod/dir_spec.rb b/spec/classes/mod/dir_spec.rb index f0774463..93d2246f 100644 --- a/spec/classes/mod/dir_spec.rb +++ b/spec/classes/mod/dir_spec.rb @@ -1,139 +1,141 @@ +# frozen_string_literal: true + require 'spec_helper' describe 'apache::mod::dir', type: :class do it_behaves_like 'a mod class, without including apache' context 'default configuration with parameters on a Debian OS' do let :facts do { osfamily: 'Debian', operatingsystemrelease: '8', operatingsystem: 'Debian', id: 'root', kernel: 'Linux', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', lsbdistcodename: 'jessie', is_pe: false, } end context 'passing no parameters' do it { is_expected.to contain_class('apache::params') } it { is_expected.to contain_apache__mod('dir') } it { is_expected.to contain_file('dir.conf').with_content(%r{^DirectoryIndex }) } it { is_expected.to contain_file('dir.conf').with_content(%r{ index\.html }) } it { is_expected.to contain_file('dir.conf').with_content(%r{ index\.html\.var }) } it { is_expected.to contain_file('dir.conf').with_content(%r{ index\.cgi }) } it { is_expected.to contain_file('dir.conf').with_content(%r{ index\.pl }) } it { is_expected.to contain_file('dir.conf').with_content(%r{ index\.php }) } it { is_expected.to contain_file('dir.conf').with_content(%r{ index\.xhtml$}) } end context "passing indexes => ['example.txt','fearsome.aspx']" do let :params do { indexes: ['example.txt', 'fearsome.aspx'] } end it { is_expected.to contain_file('dir.conf').with_content(%r{ example\.txt }) } it { is_expected.to contain_file('dir.conf').with_content(%r{ fearsome\.aspx$}) } end end context 'default configuration with parameters on a RedHat OS' do let :facts do { osfamily: 'RedHat', operatingsystemrelease: '6', operatingsystem: 'Redhat', id: 'root', kernel: 'Linux', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', is_pe: false, } end context 'passing no parameters' do it { is_expected.to contain_class('apache::params') } it { is_expected.to contain_apache__mod('dir') } it { is_expected.to contain_file('dir.conf').with_content(%r{^DirectoryIndex }) } it { is_expected.to contain_file('dir.conf').with_content(%r{ index\.html }) } it { is_expected.to contain_file('dir.conf').with_content(%r{ index\.html\.var }) } it { is_expected.to contain_file('dir.conf').with_content(%r{ index\.cgi }) } it { is_expected.to contain_file('dir.conf').with_content(%r{ index\.pl }) } it { is_expected.to contain_file('dir.conf').with_content(%r{ index\.php }) } it { is_expected.to contain_file('dir.conf').with_content(%r{ index\.xhtml$}) } end context "passing indexes => ['example.txt','fearsome.aspx']" do let :params do { indexes: ['example.txt', 'fearsome.aspx'] } end it { is_expected.to contain_file('dir.conf').with_content(%r{ example\.txt }) } it { is_expected.to contain_file('dir.conf').with_content(%r{ fearsome\.aspx$}) } end end context 'default configuration with parameters on a FreeBSD OS' do let :facts do { osfamily: 'FreeBSD', operatingsystemrelease: '9', operatingsystem: 'FreeBSD', id: 'root', kernel: 'FreeBSD', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', is_pe: false, } end context 'passing no parameters' do it { is_expected.to contain_class('apache::params') } it { is_expected.to contain_apache__mod('dir') } it { is_expected.to contain_file('dir.conf').with_content(%r{^DirectoryIndex }) } it { is_expected.to contain_file('dir.conf').with_content(%r{ index\.html }) } it { is_expected.to contain_file('dir.conf').with_content(%r{ index\.html\.var }) } it { is_expected.to contain_file('dir.conf').with_content(%r{ index\.cgi }) } it { is_expected.to contain_file('dir.conf').with_content(%r{ index\.pl }) } it { is_expected.to contain_file('dir.conf').with_content(%r{ index\.php }) } it { is_expected.to contain_file('dir.conf').with_content(%r{ index\.xhtml$}) } end context "passing indexes => ['example.txt','fearsome.aspx']" do let :params do { indexes: ['example.txt', 'fearsome.aspx'] } end it { is_expected.to contain_file('dir.conf').with_content(%r{ example\.txt }) } it { is_expected.to contain_file('dir.conf').with_content(%r{ fearsome\.aspx$}) } end end context 'default configuration with parameters on a Gentoo OS' do let :facts do { osfamily: 'Gentoo', operatingsystem: 'Gentoo', operatingsystemrelease: '3.16.1-gentoo', id: 'root', kernel: 'Linux', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/bin', is_pe: false, } end context 'passing no parameters' do it { is_expected.to contain_class('apache::params') } it { is_expected.to contain_apache__mod('dir') } it { is_expected.to contain_file('dir.conf').with_content(%r{^DirectoryIndex }) } it { is_expected.to contain_file('dir.conf').with_content(%r{ index\.html }) } it { is_expected.to contain_file('dir.conf').with_content(%r{ index\.html\.var }) } it { is_expected.to contain_file('dir.conf').with_content(%r{ index\.cgi }) } it { is_expected.to contain_file('dir.conf').with_content(%r{ index\.pl }) } it { is_expected.to contain_file('dir.conf').with_content(%r{ index\.php }) } it { is_expected.to contain_file('dir.conf').with_content(%r{ index\.xhtml$}) } end context "passing indexes => ['example.txt','fearsome.aspx']" do let :params do { indexes: ['example.txt', 'fearsome.aspx'] } end it { is_expected.to contain_file('dir.conf').with_content(%r{ example\.txt }) } it { is_expected.to contain_file('dir.conf').with_content(%r{ fearsome\.aspx$}) } end end end diff --git a/spec/classes/mod/disk_cache_spec.rb b/spec/classes/mod/disk_cache_spec.rb index 93a6b774..31ee6cd5 100644 --- a/spec/classes/mod/disk_cache_spec.rb +++ b/spec/classes/mod/disk_cache_spec.rb @@ -1,167 +1,169 @@ +# frozen_string_literal: true + require 'spec_helper' describe 'apache::mod::disk_cache', type: :class do context 'on a Debian OS' do let :facts do { id: 'root', kernel: 'Linux', lsbdistcodename: 'jessie', osfamily: 'Debian', operatingsystem: 'Debian', operatingsystemrelease: '8', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', is_pe: false, } end let(:params) do { cache_ignore_headers: 'Set-Cookie', } end context 'with Apache version < 2.4' do let :pre_condition do 'class{ "apache": apache_version => "2.2", default_mods => ["cache"], mod_dir => "/tmp/junk", }' end it { is_expected.to compile } it { is_expected.to contain_class('apache::mod::disk_cache') } it { is_expected.to contain_apache__mod('disk_cache') } it { is_expected.to contain_file('disk_cache.conf') .with(content: %r{CacheEnable disk \/\nCacheRoot \"\/var\/cache\/apache2\/mod_disk_cache\"\nCacheDirLevels 2\nCacheDirLength 1\nCacheIgnoreHeaders Set-Cookie}) } end context 'with Apache version >= 2.4' do let :pre_condition do 'class{ "apache": apache_version => "2.4", default_mods => ["cache"], mod_dir => "/tmp/junk", }' end it { is_expected.to compile } it { is_expected.to contain_class('apache::mod::disk_cache') } it { is_expected.to contain_class('apache::mod::cache').that_comes_before('Class[Apache::Mod::Disk_cache]') } it { is_expected.to contain_apache__mod('cache_disk') } it { is_expected.to contain_file('disk_cache.conf') .with(content: %r{CacheEnable disk \/\nCacheRoot \"\/var\/cache\/apache2\/mod_cache_disk\"\nCacheDirLevels 2\nCacheDirLength 1\nCacheIgnoreHeaders Set-Cookie}) } end end context 'on a RedHat 6-based OS' do let :facts do { id: 'root', kernel: 'Linux', osfamily: 'RedHat', operatingsystem: 'RedHat', operatingsystemrelease: '6', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', is_pe: false, } end let(:params) do { cache_ignore_headers: 'Set-Cookie', } end context 'with Apache version < 2.4' do let :pre_condition do 'class{ "apache": apache_version => "2.2", default_mods => ["cache"], mod_dir => "/tmp/junk", }' end it { is_expected.to contain_apache__mod('disk_cache') } it { is_expected.to contain_file('disk_cache.conf') .with(content: %r{CacheEnable disk \/\nCacheRoot \"\/var\/cache\/mod_proxy\"\nCacheDirLevels 2\nCacheDirLength 1\nCacheIgnoreHeaders Set-Cookie}) } end context 'with Apache version >= 2.4' do let :pre_condition do 'class{ "apache": apache_version => "2.4", default_mods => ["cache"], mod_dir => "/tmp/junk", }' end it { is_expected.to contain_apache__mod('cache_disk') } it { is_expected.to contain_file('disk_cache.conf') .with(content: %r{CacheEnable disk \/\nCacheRoot \"\/var\/cache\/httpd\/proxy\"\nCacheDirLevels 2\nCacheDirLength 1\nCacheIgnoreHeaders Set-Cookie}) } end end context 'on a FreeBSD OS' do let :facts do { id: 'root', kernel: 'FreeBSD', osfamily: 'FreeBSD', operatingsystem: 'FreeBSD', operatingsystemrelease: '10', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', is_pe: false, } end let(:params) do { cache_ignore_headers: 'Set-Cookie', } end context 'with Apache version < 2.4' do let :pre_condition do 'class{ "apache": apache_version => "2.2", default_mods => ["cache"], mod_dir => "/tmp/junk", }' end it { is_expected.to compile } it { is_expected.to contain_class('apache::mod::disk_cache') } it { is_expected.to contain_class('apache::mod::cache').that_comes_before('Class[Apache::Mod::Disk_cache]') } it { is_expected.to contain_apache__mod('disk_cache') } it { is_expected.to contain_file('disk_cache.conf') .with(content: %r{CacheEnable disk \/\nCacheRoot \"\/var\/cache\/mod_disk_cache\"\nCacheDirLevels 2\nCacheDirLength 1\nCacheIgnoreHeaders Set-Cookie}) } end context 'with Apache version >= 2.4' do let :pre_condition do 'class{ "apache": apache_version => "2.4", default_mods => ["cache"], mod_dir => "/tmp/junk", }' end it { is_expected.to compile } it { is_expected.to contain_class('apache::mod::disk_cache') } it { is_expected.to contain_class('apache::mod::cache').that_comes_before('Class[Apache::Mod::Disk_cache]') } it { is_expected.to contain_apache__mod('cache_disk') } it { is_expected.to contain_file('disk_cache.conf') .with(content: %r{CacheEnable disk \/\nCacheRoot \"\/var\/cache\/mod_cache_disk\"\nCacheDirLevels 2\nCacheDirLength 1\nCacheIgnoreHeaders Set-Cookie}) } end end end diff --git a/spec/classes/mod/dumpio_spec.rb b/spec/classes/mod/dumpio_spec.rb index 6b84192e..4af592ab 100644 --- a/spec/classes/mod/dumpio_spec.rb +++ b/spec/classes/mod/dumpio_spec.rb @@ -1,53 +1,55 @@ +# frozen_string_literal: true + require 'spec_helper' describe 'apache::mod::dumpio', type: :class do context 'on a Debian OS' do let :pre_condition do 'class{"apache": default_mods => false, mod_dir => "/tmp/junk", }' end let :facts do { lsbdistcodename: 'jessie', osfamily: 'Debian', operatingsystemrelease: '8', operatingsystemmajrelease: '8', operatingsystem: 'Debian', id: 'root', kernel: 'Linux', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', is_pe: false, } end context 'default configuration fore parameters' do it { is_expected.to compile } it { is_expected.to contain_class('apache::mod::dumpio') } it { is_expected.to contain_file('dumpio.conf').with_path('/tmp/junk/dumpio.conf') } it { is_expected.to contain_file('dumpio.conf').with_content(%r{^\s*DumpIOInput\s+"Off"$}) } it { is_expected.to contain_file('dumpio.conf').with_content(%r{^\s*DumpIOOutput\s+"Off"$}) } end context 'with dumpio_input set to On' do let :params do { dump_io_input: 'On', } end it { is_expected.to contain_file('dumpio.conf').with_content(%r{^\s*DumpIOInput\s+"On"$}) } it { is_expected.to contain_file('dumpio.conf').with_content(%r{^\s*DumpIOOutput\s+"Off"$}) } end context 'with dumpio_ouput set to On' do let :params do { dump_io_output: 'On', } end it { is_expected.to contain_file('dumpio.conf').with_content(%r{^\s*DumpIOInput\s+"Off"$}) } it { is_expected.to contain_file('dumpio.conf').with_content(%r{^\s*DumpIOOutput\s+"On"$}) } end end end diff --git a/spec/classes/mod/event_spec.rb b/spec/classes/mod/event_spec.rb index 368e9561..da70fd44 100644 --- a/spec/classes/mod/event_spec.rb +++ b/spec/classes/mod/event_spec.rb @@ -1,210 +1,212 @@ +# frozen_string_literal: true + require 'spec_helper' describe 'apache::mod::event', type: :class do let :pre_condition do 'class { "apache": mpm_module => false, }' end context 'on a FreeBSD OS' do let :facts do { osfamily: 'FreeBSD', operatingsystemrelease: '9', operatingsystem: 'FreeBSD', id: 'root', kernel: 'FreeBSD', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', is_pe: false, } end it { is_expected.to contain_class('apache::params') } it { is_expected.not_to contain_apache__mod('event') } it { is_expected.to contain_file('/usr/local/etc/apache24/Modules/event.conf').with_ensure('file') } end context 'on a Gentoo OS' do let :facts do { osfamily: 'Gentoo', operatingsystem: 'Gentoo', operatingsystemrelease: '3.16.1-gentoo', id: 'root', kernel: 'Linux', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/bin', is_pe: false, } end it { is_expected.to contain_class('apache::params') } it { is_expected.not_to contain_apache__mod('event') } it { is_expected.to contain_file('/etc/apache2/modules.d/event.conf').with_ensure('file') } end context 'on a Debian OS' do let :facts do { lsbdistcodename: 'jessie', osfamily: 'Debian', operatingsystemrelease: '8', operatingsystem: 'Debian', id: 'root', kernel: 'Linux', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', is_pe: false, } end it { is_expected.to contain_class('apache::params') } it { is_expected.not_to contain_apache__mod('event') } it { is_expected.to contain_file('/etc/apache2/mods-available/event.conf').with_ensure('file') } it { is_expected.to contain_file('/etc/apache2/mods-enabled/event.conf').with_ensure('link') } context 'Test mpm_event new params' do let :params do { serverlimit: '0', startservers: '1', maxclients: '2', minsparethreads: '3', maxsparethreads: '4', threadsperchild: '5', maxrequestsperchild: '6', threadlimit: '7', listenbacklog: '8', maxrequestworkers: '9', maxconnectionsperchild: '10', } end it { is_expected.to contain_file('/etc/apache2/mods-available/event.conf').with_ensure('file').with_content(%r{^\s*ServerLimit\s*0}) } it { is_expected.to contain_file('/etc/apache2/mods-available/event.conf').with_ensure('file').with_content(%r{^\s*StartServers\s*1}) } it { is_expected.to contain_file('/etc/apache2/mods-available/event.conf').with_ensure('file').without_content(%r{^\s*MaxClients}) } it { is_expected.to contain_file('/etc/apache2/mods-available/event.conf').with_ensure('file').with_content(%r{^\s*MinSpareThreads\s*3}) } it { is_expected.to contain_file('/etc/apache2/mods-available/event.conf').with_ensure('file').with_content(%r{^\s*MaxSpareThreads\s*4}) } it { is_expected.to contain_file('/etc/apache2/mods-available/event.conf').with_ensure('file').with_content(%r{^\s*ThreadsPerChild\s*5}) } it { is_expected.to contain_file('/etc/apache2/mods-available/event.conf').with_ensure('file').without_content(%r{^\s*MaxRequestsPerChild}) } it { is_expected.to contain_file('/etc/apache2/mods-available/event.conf').with_ensure('file').with_content(%r{^\s*ThreadLimit\s*7}) } it { is_expected.to contain_file('/etc/apache2/mods-available/event.conf').with_ensure('file').with_content(%r{^\s*ListenBacklog\s*8}) } it { is_expected.to contain_file('/etc/apache2/mods-available/event.conf').with_ensure('file').with_content(%r{^\s*MaxRequestWorkers\s*9}) } it { is_expected.to contain_file('/etc/apache2/mods-available/event.conf').with_ensure('file').with_content(%r{^\s*MaxConnectionsPerChild\s*10}) } end context 'Test mpm_event old style params' do let :params do { serverlimit: '0', startservers: '1', maxclients: '2', minsparethreads: '3', maxsparethreads: '4', threadsperchild: '5', maxrequestsperchild: '6', threadlimit: '7', listenbacklog: '8', maxrequestworkers: :undef, maxconnectionsperchild: :undef, } end it { is_expected.to contain_file('/etc/apache2/mods-available/event.conf').with_ensure('file').with_content(%r{^\s*ServerLimit\s*0}) } it { is_expected.to contain_file('/etc/apache2/mods-available/event.conf').with_ensure('file').with_content(%r{^\s*StartServers\s*1}) } it { is_expected.to contain_file('/etc/apache2/mods-available/event.conf').with_ensure('file').with_content(%r{^\s*MaxClients\s*2}) } it { is_expected.to contain_file('/etc/apache2/mods-available/event.conf').with_ensure('file').with_content(%r{^\s*MinSpareThreads\s*3}) } it { is_expected.to contain_file('/etc/apache2/mods-available/event.conf').with_ensure('file').with_content(%r{^\s*MaxSpareThreads\s*4}) } it { is_expected.to contain_file('/etc/apache2/mods-available/event.conf').with_ensure('file').with_content(%r{^\s*ThreadsPerChild\s*5}) } it { is_expected.to contain_file('/etc/apache2/mods-available/event.conf').with_ensure('file').with_content(%r{^\s*MaxRequestsPerChild\s*6}) } it { is_expected.to contain_file('/etc/apache2/mods-available/event.conf').with_ensure('file').with_content(%r{^\s*ThreadLimit\s*7}) } it { is_expected.to contain_file('/etc/apache2/mods-available/event.conf').with_ensure('file').with_content(%r{^\s*ListenBacklog\s*8}) } it { is_expected.to contain_file('/etc/apache2/mods-available/event.conf').with_ensure('file').without_content(%r{^\s*MaxRequestWorkers}) } it { is_expected.to contain_file('/etc/apache2/mods-available/event.conf').with_ensure('file').without_content(%r{^\s*MaxConnectionsPerChild}) } end context 'Test mpm_event false params' do let :params do { serverlimit: false, startservers: false, maxclients: false, minsparethreads: false, maxsparethreads: false, threadsperchild: false, maxrequestsperchild: false, threadlimit: false, listenbacklog: false, maxrequestworkers: false, maxconnectionsperchild: false, } end it { is_expected.to contain_file('/etc/apache2/mods-available/event.conf').with_ensure('file').without_content(%r{^\s*ServerLimit}) } it { is_expected.to contain_file('/etc/apache2/mods-available/event.conf').with_ensure('file').without_content(%r{^\s*StartServers}) } it { is_expected.to contain_file('/etc/apache2/mods-available/event.conf').with_ensure('file').without_content(%r{^\s*MaxClients}) } it { is_expected.to contain_file('/etc/apache2/mods-available/event.conf').with_ensure('file').without_content(%r{^\s*MinSpareThreads}) } it { is_expected.to contain_file('/etc/apache2/mods-available/event.conf').with_ensure('file').without_content(%r{^\s*MaxSpareThreads}) } it { is_expected.to contain_file('/etc/apache2/mods-available/event.conf').with_ensure('file').without_content(%r{^\s*ThreadsPerChild}) } it { is_expected.to contain_file('/etc/apache2/mods-available/event.conf').with_ensure('file').without_content(%r{^\s*MaxRequestsPerChild}) } it { is_expected.to contain_file('/etc/apache2/mods-available/event.conf').with_ensure('file').without_content(%r{^\s*ThreadLimit}) } it { is_expected.to contain_file('/etc/apache2/mods-available/event.conf').with_ensure('file').without_content(%r{^\s*ListenBacklog}) } it { is_expected.to contain_file('/etc/apache2/mods-available/event.conf').with_ensure('file').without_content(%r{^\s*MaxRequestWorkers}) } it { is_expected.to contain_file('/etc/apache2/mods-available/event.conf').with_ensure('file').without_content(%r{^\s*MaxConnectionsPerChild}) } end context 'with Apache version < 2.4' do let :params do { apache_version: '2.2', } end it { is_expected.not_to contain_file('/etc/apache2/mods-available/event.load') } it { is_expected.not_to contain_file('/etc/apache2/mods-enabled/event.load') } it { is_expected.to contain_package('apache2-mpm-event') } end context 'with Apache version >= 2.4' do let :params do { apache_version: '2.4', } end it { is_expected.to contain_file('/etc/apache2/mods-available/event.load').with('ensure' => 'file', 'content' => "LoadModule mpm_event_module /usr/lib/apache2/modules/mod_mpm_event.so\n") } it { is_expected.to contain_file('/etc/apache2/mods-enabled/event.load').with_ensure('link') } end end context 'on a RedHat OS' do let :facts do { osfamily: 'RedHat', operatingsystemrelease: '6', operatingsystem: 'RedHat', id: 'root', kernel: 'Linux', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', is_pe: false, } end context 'with Apache version >= 2.4' do let :params do { apache_version: '2.4', } end it { is_expected.to contain_class('apache::params') } it { is_expected.not_to contain_apache__mod('worker') } it { is_expected.not_to contain_apache__mod('prefork') } it { is_expected.to contain_file('/etc/httpd/conf.d/event.conf').with_ensure('file') } it { is_expected.to contain_file('/etc/httpd/conf.d/event.load').with('ensure' => 'file', 'content' => "LoadModule mpm_event_module modules/mod_mpm_event.so\n") } end end end diff --git a/spec/classes/mod/expires_spec.rb b/spec/classes/mod/expires_spec.rb index d79158c0..c01ca257 100644 --- a/spec/classes/mod/expires_spec.rb +++ b/spec/classes/mod/expires_spec.rb @@ -1,85 +1,87 @@ +# frozen_string_literal: true + require 'spec_helper' describe 'apache::mod::expires', type: :class do it_behaves_like 'a mod class, without including apache' context 'with expires active', :compile do let :facts do { id: 'root', kernel: 'Linux', lsbdistcodename: 'jessie', osfamily: 'Debian', operatingsystem: 'Debian', operatingsystemrelease: '8', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', is_pe: false, } end it { is_expected.to contain_apache__mod('expires') } it { is_expected.to contain_file('expires.conf').with(content: %r{ExpiresActive On\n}) } end context 'with expires default', :compile do let :pre_condition do 'class { apache: default_mods => false }' end let :facts do { id: 'root', kernel: 'Linux', osfamily: 'RedHat', operatingsystem: 'RedHat', operatingsystemrelease: '7', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', is_pe: false, } end let :params do { 'expires_default' => 'access plus 1 month', } end it { is_expected.to contain_apache__mod('expires') } it { is_expected.to contain_file('expires.conf').with_content( "ExpiresActive On\n" \ "ExpiresDefault \"access plus 1 month\"\n", ) } end context 'with expires by type', :compile do let :pre_condition do 'class { apache: default_mods => false }' end let :facts do { id: 'root', kernel: 'Linux', osfamily: 'RedHat', operatingsystem: 'RedHat', operatingsystemrelease: '7', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', is_pe: false, } end let :params do { 'expires_by_type' => [ { 'text/json' => 'mod plus 1 day' }, { 'text/html' => 'access plus 1 year' }, ], } end it { is_expected.to contain_apache__mod('expires') } it { is_expected.to contain_file('expires.conf').with_content( "ExpiresActive On\n" \ "ExpiresByType text/json \"mod plus 1 day\"\n" \ "ExpiresByType text/html \"access plus 1 year\"\n", ) } end end diff --git a/spec/classes/mod/ext_filter_spec.rb b/spec/classes/mod/ext_filter_spec.rb index 78bc0a93..1d7d4c6d 100644 --- a/spec/classes/mod/ext_filter_spec.rb +++ b/spec/classes/mod/ext_filter_spec.rb @@ -1,63 +1,65 @@ +# frozen_string_literal: true + require 'spec_helper' describe 'apache::mod::ext_filter', type: :class do it_behaves_like 'a mod class, without including apache' context 'on a Debian OS' do let :facts do { osfamily: 'Debian', operatingsystemrelease: '8', lsbdistcodename: 'jessie', operatingsystem: 'Debian', id: 'root', kernel: 'Linux', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', fqdn: 'test.example.com', is_pe: false, } end describe 'with no parameters' do it { is_expected.to contain_apache__mod('ext_filter') } it { is_expected.not_to contain_file('ext_filter.conf') } end describe 'with parameters' do let :params do { ext_filter_define: { 'filtA' => 'input=A output=B', 'filtB' => 'input=C cmd="C"' } } end it { is_expected.to contain_file('ext_filter.conf').with_content(%r{^ExtFilterDefine\s+filtA\s+input=A output=B$}) } it { is_expected.to contain_file('ext_filter.conf').with_content(%r{^ExtFilterDefine\s+filtB\s+input=C cmd="C"$}) } end end context 'on a RedHat OS' do let :facts do { osfamily: 'RedHat', operatingsystemrelease: '6', operatingsystem: 'RedHat', id: 'root', kernel: 'Linux', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', fqdn: 'test.example.com', is_pe: false, } end describe 'with no parameters' do it { is_expected.to contain_apache__mod('ext_filter') } it { is_expected.not_to contain_file('ext_filter.conf') } end describe 'with parameters' do let :params do { ext_filter_define: { 'filtA' => 'input=A output=B', 'filtB' => 'input=C cmd="C"' } } end it { is_expected.to contain_file('ext_filter.conf').with_path('/etc/httpd/conf.d/ext_filter.conf') } it { is_expected.to contain_file('ext_filter.conf').with_content(%r{^ExtFilterDefine\s+filtA\s+input=A output=B$}) } it { is_expected.to contain_file('ext_filter.conf').with_content(%r{^ExtFilterDefine\s+filtB\s+input=C cmd="C"$}) } end end end diff --git a/spec/classes/mod/fastcgi_spec.rb b/spec/classes/mod/fastcgi_spec.rb index 1e054a9f..702ed060 100644 --- a/spec/classes/mod/fastcgi_spec.rb +++ b/spec/classes/mod/fastcgi_spec.rb @@ -1,40 +1,42 @@ +# frozen_string_literal: true + require 'spec_helper' describe 'apache::mod::fastcgi', type: :class do on_supported_os.each do |os, facts| context "on #{os} " do let :facts do facts end context 'with all defaults' do case facts[:os]['name'] when 'Debian' it { is_expected.to compile.with_all_deps } it { is_expected.to contain_class('apache::params') } it { is_expected.to contain_apache__mod('fastcgi') } it { is_expected.to contain_package('libapache2-mod-fastcgi') } it { is_expected.to contain_file('fastcgi.conf') } when 'RedHat', 'CentOS', 'OracleLinux', 'Scientific' if facts[:os]['release']['major'].to_i < 7 it { is_expected.to compile.with_all_deps } it { is_expected.to contain_class('apache::params') } it { is_expected.to contain_apache__mod('fastcgi') } it { is_expected.to contain_package('mod_fastcgi') } it { is_expected.not_to contain_file('fastcgi.conf') } else it { is_expected.not_to compile } end when 'Ubuntu' if facts[:os]['release']['major'].to_i < 18 it { is_expected.to compile.with_all_deps } else it { is_expected.not_to compile } end else it { is_expected.to compile.with_all_deps } end end end end end diff --git a/spec/classes/mod/fcgid_spec.rb b/spec/classes/mod/fcgid_spec.rb index da091a41..08205ec4 100644 --- a/spec/classes/mod/fcgid_spec.rb +++ b/spec/classes/mod/fcgid_spec.rb @@ -1,140 +1,142 @@ +# frozen_string_literal: true + require 'spec_helper' describe 'apache::mod::fcgid', type: :class do it_behaves_like 'a mod class, without including apache' context 'on a Debian OS' do let :facts do { osfamily: 'Debian', operatingsystemrelease: '8', operatingsystemmajrelease: '8', lsbdistcodename: 'jessie', operatingsystem: 'Debian', id: 'root', kernel: 'Linux', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', is_pe: false, } end it { is_expected.to contain_class('apache::params') } it { is_expected.to contain_apache__mod('fcgid').with('loadfile_name' => nil) } it { is_expected.to contain_package('libapache2-mod-fcgid') } end context 'on a RHEL6' do let :facts do { osfamily: 'RedHat', operatingsystemrelease: '6', operatingsystemmajrelease: '6', operatingsystem: 'RedHat', id: 'root', kernel: 'Linux', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', is_pe: false, } end describe 'without parameters' do it { is_expected.to contain_class('apache::params') } it { is_expected.to contain_apache__mod('fcgid').with('loadfile_name' => nil) } it { is_expected.to contain_package('mod_fcgid') } end describe 'with parameters' do let :params do { options: { 'FcgidIPCDir' => '/var/run/fcgidsock', 'SharememPath' => '/var/run/fcgid_shm', 'FcgidMinProcessesPerClass' => '0', 'AddHandler' => 'fcgid-script .fcgi', }, } end expected = [ '', ' AddHandler fcgid-script .fcgi', ' FcgidIPCDir /var/run/fcgidsock', ' FcgidMinProcessesPerClass 0', ' SharememPath /var/run/fcgid_shm', '', ] it 'contains the correct config' do content = catalogue.resource('file', 'fcgid.conf').send(:parameters)[:content] expect(content.split("\n").reject { |c| c =~ %r{(^#|^$)} }).to eq(expected) end end end context 'on RHEL7' do let :facts do { osfamily: 'RedHat', operatingsystemrelease: '7', operatingsystemmajrelease: '7', operatingsystem: 'RedHat', id: 'root', kernel: 'Linux', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', is_pe: false, } end describe 'without parameters' do it { is_expected.to contain_class('apache::params') } it { is_expected.to contain_apache__mod('fcgid').with('loadfile_name' => 'unixd_fcgid.load') } it { is_expected.to contain_package('mod_fcgid') } end end context 'on a FreeBSD OS' do let :facts do { osfamily: 'FreeBSD', operatingsystemrelease: '10', operatingsystemmajrelease: '10', operatingsystem: 'FreeBSD', id: 'root', kernel: 'FreeBSD', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', is_pe: false, } end it { is_expected.to contain_class('apache::params') } it { is_expected.to contain_apache__mod('fcgid').with('loadfile_name' => 'unixd_fcgid.load') } it { is_expected.to contain_package('www/mod_fcgid') } end context 'on a Gentoo OS' do let :facts do { osfamily: 'Gentoo', operatingsystem: 'Gentoo', operatingsystemrelease: '3.16.1-gentoo', id: 'root', kernel: 'Linux', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/bin', is_pe: false, } end it { is_expected.to contain_class('apache::params') } it { is_expected.to contain_apache__mod('fcgid').with('loadfile_name' => nil) } it { is_expected.to contain_package('www-apache/mod_fcgid') } end end diff --git a/spec/classes/mod/http2_spec.rb b/spec/classes/mod/http2_spec.rb index d1a9c4b5..978eb63f 100644 --- a/spec/classes/mod/http2_spec.rb +++ b/spec/classes/mod/http2_spec.rb @@ -1,98 +1,100 @@ +# frozen_string_literal: true + require 'spec_helper' describe 'apache::mod::http2', type: :class do it_behaves_like 'a mod class, without including apache' context 'default configuration with parameters on a Debian OS' do let :facts do { lsbdistcodename: 'jessie', osfamily: 'Debian', operatingsystemrelease: '8', id: 'root', kernel: 'Linux', operatingsystem: 'Debian', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', is_pe: false, } end it { is_expected.to contain_class('apache::mod::http2') } context 'with default values' do let(:expected_content) do <\n" it { is_expected.to contain_file('info.conf').with_content(expected) } end context 'passing restrict_access => false' do let :params do { restrict_access: false, } end it { is_expected.to contain_file('info.conf').with_content( "\n"\ " SetHandler server-info\n"\ "\n", ) } end context "passing allow_from => ['10.10.1.2', '192.168.1.2', '127.0.0.1']" do let :params do { allow_from: ['10.10.1.2', '192.168.1.2', '127.0.0.1'] } end expected = "\n"\ " SetHandler server-info\n"\ " Order deny,allow\n"\ " Deny from all\n"\ " Allow from 10.10.1.2\n"\ " Allow from 192.168.1.2\n"\ " Allow from 127.0.0.1\n"\ "\n" it { is_expected.to contain_file('info.conf').with_content(expected) } end context 'passing both restrict_access and allow_from' do let :params do { restrict_access: false, allow_from: ['10.10.1.2', '192.168.1.2', '127.0.0.1'], } end it { is_expected.to contain_file('info.conf').with_content( "\n"\ " SetHandler server-info\n"\ "\n", ) } end end -def general_info_specs_24 +def general_info_specs_apache24 it { is_expected.to contain_apache__mod('info') } context 'passing no parameters' do expected = "\n"\ " SetHandler server-info\n"\ " Require ip 127.0.0.1 ::1\n"\ "\n" it { is_expected.to contain_file('info.conf').with_content(expected) } end context 'passing restrict_access => false' do let :params do { restrict_access: false, } end it { is_expected.to contain_file('info.conf').with_content( "\n"\ " SetHandler server-info\n"\ "\n", ) } end context "passing allow_from => ['10.10.1.2', '192.168.1.2', '127.0.0.1']" do let :params do { allow_from: ['10.10.1.2', '192.168.1.2', '127.0.0.1'] } end expected = "\n"\ " SetHandler server-info\n"\ " Require ip 10.10.1.2 192.168.1.2 127.0.0.1\n"\ "\n" it { is_expected.to contain_file('info.conf').with_content(expected) } end context 'passing both restrict_access and allow_from' do let :params do { restrict_access: false, allow_from: ['10.10.1.2', '192.168.1.2', '127.0.0.1'], } end it { is_expected.to contain_file('info.conf').with_content( "\n"\ " SetHandler server-info\n"\ "\n", ) } end end describe 'apache::mod::info', type: :class do it_behaves_like 'a mod class, without including apache' context 'On a Debian OS' do let :facts do { osfamily: 'Debian', operatingsystemrelease: '6', lsbdistcodename: 'squeeze', operatingsystem: 'Debian', id: 'root', kernel: 'Linux', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', is_pe: false, } end # Load the more generic tests for this context - general_info_specs_22 + general_info_specs_apache22 it { is_expected.to contain_file('info.conf').with(ensure: 'file', path: '/etc/apache2/mods-available/info.conf') } it { is_expected.to contain_file('info.conf symlink').with(ensure: 'link', path: '/etc/apache2/mods-enabled/info.conf') } end context 'on a RedHat OS' do let :facts do { osfamily: 'RedHat', operatingsystemrelease: '6', operatingsystem: 'RedHat', id: 'root', kernel: 'Linux', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', is_pe: false, } end # Load the more generic tests for this context - general_info_specs_22 + general_info_specs_apache22 it { is_expected.to contain_file('info.conf').with(ensure: 'file', path: '/etc/httpd/conf.d/info.conf') } end context 'on a FreeBSD OS' do let :facts do { osfamily: 'FreeBSD', operatingsystemrelease: '10', operatingsystem: 'FreeBSD', id: 'root', kernel: 'FreeBSD', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', is_pe: false, } end # Load the more generic tests for this context - general_info_specs_24 + general_info_specs_apache24 it { is_expected.to contain_file('info.conf').with(ensure: 'file', path: '/usr/local/etc/apache24/Modules/info.conf') } end context 'on a Gentoo OS' do let :facts do { osfamily: 'Gentoo', operatingsystem: 'Gentoo', operatingsystemrelease: '3.16.1-gentoo', id: 'root', kernel: 'Linux', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/bin', is_pe: false, } end # Load the more generic tests for this context - general_info_specs_24 + general_info_specs_apache24 it { is_expected.to contain_file('info.conf').with(ensure: 'file', path: '/etc/apache2/modules.d/info.conf') } end end diff --git a/spec/classes/mod/intercept_form_submit_spec.rb b/spec/classes/mod/intercept_form_submit_spec.rb index 16238145..45045cbd 100644 --- a/spec/classes/mod/intercept_form_submit_spec.rb +++ b/spec/classes/mod/intercept_form_submit_spec.rb @@ -1,44 +1,46 @@ +# frozen_string_literal: true + require 'spec_helper' describe 'apache::mod::intercept_form_submit', type: :class do it_behaves_like 'a mod class, without including apache' context 'default configuration with parameters' do context 'on a Debian OS' do let :facts do { lsbdistcodename: 'jessie', osfamily: 'Debian', operatingsystemrelease: '8', id: 'root', kernel: 'Linux', operatingsystem: 'Debian', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', is_pe: false, } end it { is_expected.to contain_class('apache') } it { is_expected.to contain_package('libapache2-mod-intercept-form-submit') } it { is_expected.to contain_apache__mod('intercept_form_submit') } end # Debian context 'on a RedHat OS' do let :facts do { osfamily: 'RedHat', operatingsystemrelease: '6', id: 'root', kernel: 'Linux', operatingsystem: 'RedHat', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', is_pe: false, } end it { is_expected.to contain_class('apache') } it { is_expected.to contain_package('mod_intercept_form_submit') } it { is_expected.to contain_apache__mod('intercept_form_submit') } end # Redhat end end diff --git a/spec/classes/mod/itk_spec.rb b/spec/classes/mod/itk_spec.rb index 1c010d4b..0e7956e5 100644 --- a/spec/classes/mod/itk_spec.rb +++ b/spec/classes/mod/itk_spec.rb @@ -1,196 +1,198 @@ +# frozen_string_literal: true + require 'spec_helper' describe 'apache::mod::itk', type: :class do let :pre_condition do 'class { "apache": mpm_module => false, }' end context 'on a Debian OS' do let :facts do { osfamily: 'Debian', operatingsystemrelease: '8', lsbdistcodename: 'jessie', operatingsystem: 'Debian', id: 'root', kernel: 'Linux', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', is_pe: false, } end it { is_expected.to contain_class('apache::params') } it { is_expected.not_to contain_apache__mod('itk') } it { is_expected.to contain_file('/etc/apache2/mods-available/itk.conf').with_ensure('file') } it { is_expected.to contain_file('/etc/apache2/mods-enabled/itk.conf').with_ensure('link') } context 'with Apache version < 2.4' do let :params do { apache_version: '2.2', } end it { is_expected.not_to contain_file('/etc/apache2/mods-available/itk.load') } it { is_expected.not_to contain_file('/etc/apache2/mods-enabled/itk.load') } it { is_expected.to contain_package('apache2-mpm-itk') } end context 'with Apache version < 2.4 with enablecapabilities set' do let :params do { apache_version: '2.2', enablecapabilities: true, } end it { is_expected.not_to contain_file('/etc/apache2/mods-available/itk.conf').with_content(%r{EnableCapabilities}) } end context 'with Apache version >= 2.4' do let :pre_condition do 'class { "apache": mpm_module => prefork, }' end let :params do { apache_version: '2.4', } end it { is_expected.to contain_file('/etc/apache2/mods-available/itk.load').with('ensure' => 'file', 'content' => "LoadModule mpm_itk_module /usr/lib/apache2/modules/mod_mpm_itk.so\n") } it { is_expected.to contain_file('/etc/apache2/mods-enabled/itk.load').with_ensure('link') } end context 'with Apache version >= 2.4 with enablecapabilities not set' do let :pre_condition do 'class { "apache": mpm_module => prefork, }' end let :params do { apache_version: '2.4', } end it { is_expected.not_to contain_file('/etc/apache2/mods-available/itk.conf').with_content(%r{EnableCapabilities}) } end end context 'on a RedHat OS' do let :facts do { osfamily: 'RedHat', operatingsystemrelease: '6', operatingsystem: 'RedHat', id: 'root', kernel: 'Linux', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', is_pe: false, } end it { is_expected.to contain_class('apache::params') } it { is_expected.not_to contain_apache__mod('itk') } it { is_expected.to contain_file('/etc/httpd/conf.d/itk.conf').with_ensure('file') } it { is_expected.to contain_package('httpd-itk') } context 'with Apache version < 2.4' do let :params do { apache_version: '2.2', } end it { is_expected.to contain_file_line('/etc/sysconfig/httpd itk enable').with('require' => 'Package[httpd]') } end context 'with Apache version < 2.4 with enablecapabilities set' do let :params do { apache_version: '2.2', enablecapabilities: 'On', } end it { is_expected.not_to contain_file('/etc/httpd/conf.d/itk.conf').with_content(%r{EnableCapabilities}) } end context 'with Apache version >= 2.4' do let :pre_condition do 'class { "apache": mpm_module => prefork, }' end let :params do { apache_version: '2.4', } end it { is_expected.to contain_file('/etc/httpd/conf.d/itk.load').with('ensure' => 'file', 'content' => "LoadModule mpm_itk_module modules/mod_mpm_itk.so\n") } end context 'with Apache version >= 2.4 with enablecapabilities set' do let :pre_condition do 'class { "apache": mpm_module => prefork, }' end let :params do { apache_version: '2.4', enablecapabilities: false, } end it { is_expected.to contain_file('/etc/httpd/conf.d/itk.conf').with_content(%r{EnableCapabilities Off}) } end end context 'on a FreeBSD OS' do let :pre_condition do 'class { "apache": mpm_module => false, }' end let :facts do { osfamily: 'FreeBSD', operatingsystemrelease: '10', operatingsystem: 'FreeBSD', id: 'root', kernel: 'FreeBSD', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', is_pe: false, mpm_module: 'itk', } end it { is_expected.to contain_class('apache::params') } it { is_expected.not_to contain_apache__mod('itk') } it { is_expected.to contain_file('/usr/local/etc/apache24/Modules/itk.conf').with_ensure('file') } it { is_expected.to contain_package('www/mod_mpm_itk') } context 'with Apache version < 2.4 with enablecapabilities not set' do let :params do { apache_version: '2.2', } end it { is_expected.not_to contain_file('/usr/local/etc/apache24/Modules/itk.conf').with_content(%r{EnableCapabilities}) } end context 'with Apache version >= 2.4 with enablecapabilities set' do let :params do { apache_version: '2.4', enablecapabilities: true, } end it { is_expected.to contain_file('/usr/local/etc/apache24/Modules/itk.conf').with_content(%r{EnableCapabilities On}) } end end end diff --git a/spec/classes/mod/jk_spec.rb b/spec/classes/mod/jk_spec.rb index a8a4d5b9..84c09bc5 100644 --- a/spec/classes/mod/jk_spec.rb +++ b/spec/classes/mod/jk_spec.rb @@ -1,244 +1,246 @@ +# frozen_string_literal: true + require 'spec_helper' describe 'apache::mod::jk', type: :class do it_behaves_like 'a mod class, without including apache' shared_examples 'minimal resources' do |mod_dir| it { is_expected.to compile } it { is_expected.to compile.with_all_deps } it { is_expected.to create_class('apache::mod::jk') } it { is_expected.to contain_class('apache') } it { is_expected.to contain_apache__mod('jk') } it { is_expected.to contain_file('jk.conf').that_notifies('Class[apache::service]') } it { is_expected.to contain_file('jk.conf').with(path: "#{mod_dir}/jk.conf") } end shared_examples 'specific workers_file' do |mod_dir| # let(:pre_condition) do # 'include apache' # end let(:params) do { workers_file: "#{mod_dir}/workers.properties", workers_file_content: { 'worker_a' => { 'type' => 'ajp13', 'socket_keepalive' => 'true', 'comment' => 'This is worker A', }, 'worker_b' => { 'type' => 'ajp13', 'socket_keepalive' => 'true', 'comment' => 'This is worker B', }, 'worker_maintain' => 40, 'worker_lists' => ['worker_a,worker_b'], }, } end it { is_expected.to compile } it { is_expected.to compile.with_all_deps } expected_content = "# This file is generated automatically by Puppet - DO NOT EDIT\n"\ "# Any manual changes will be overwritten\n"\ "\n"\ "worker.list = worker_a,worker_b\n"\ "\n"\ "worker.maintain = 40\n"\ "\n"\ "# This is worker A\n"\ "worker.worker_a.socket_keepalive=true\n"\ "worker.worker_a.type=ajp13\n"\ "\n"\ "# This is worker B\n"\ "worker.worker_b.socket_keepalive=true\n"\ "worker.worker_b.type=ajp13\n" it { is_expected.to contain_file("#{mod_dir}/workers.properties").with_content(expected_content) } end default_ip = '192.168.1.1' altern8_ip = '10.1.2.3' default_port = 80 altern8_port = 8008 context 'RHEL 6 with only required facts and default parameters' do let(:facts) do { osfamily: 'RedHat', operatingsystem: 'RedHat', operatingsystemrelease: '6', ipaddress: default_ip, } end let(:pre_condition) do 'include apache' end let(:params) do { logroot: '/var/log/httpd', } end let(:mod_dir) { mod_dir } mod_dir = '/etc/httpd/conf.d' it_behaves_like 'minimal resources', mod_dir it_behaves_like 'specific workers_file', mod_dir it { is_expected.to contain_apache__listen("#{default_ip}:#{default_port}") } it { verify_contents(catalogue, 'jk.conf', ['', '']) } end context 'Debian 8 with only required facts and default parameters' do let(:facts) do { osfamily: 'Debian', operatingsystem: 'Debian', operatingsystemrelease: '8', ipaddress: default_ip, } end let(:pre_condition) do 'include apache' end let(:params) do { logroot: '/var/log/apache2', } end let(:mod_dir) { mod_dir } mod_dir = '/etc/apache2/mods-available' it_behaves_like 'minimal resources', mod_dir it_behaves_like 'specific workers_file', mod_dir it { is_expected.to contain_apache__listen("#{default_ip}:#{default_port}") } it { is_expected.to contain_package('libapache2-mod-jk') } it { verify_contents(catalogue, 'jk.conf', ['', '']) } end context 'RHEL 6 with required facts and alternative IP' do let(:facts) do { osfamily: 'RedHat', operatingsystem: 'RedHat', operatingsystemrelease: '6', ipaddress: default_ip, } end let(:pre_condition) do 'include apache' end let(:params) do { ip: altern8_ip, logroot: '/var/log/httpd', } end it { is_expected.to contain_apache__listen("#{altern8_ip}:#{default_port}") } end context 'RHEL 6 with required facts and alternative port' do let(:facts) do { osfamily: 'RedHat', operatingsystem: 'RedHat', operatingsystemrelease: '6', ipaddress: default_ip, } end let(:pre_condition) do 'include apache' end let(:params) do { port: altern8_port, logroot: '/var/log/httpd', } end it { is_expected.to contain_apache__listen("#{default_ip}:#{altern8_port}") } end context 'RHEL 6 with required facts and no binding' do let(:facts) do { osfamily: 'RedHat', operatingsystem: 'RedHat', operatingsystemrelease: '6', ipaddress: default_ip, } end let(:pre_condition) do 'include apache' end let(:params) do { add_listen: false, logroot: '/var/log/httpd', } end it { is_expected.not_to contain_apache__listen("#{default_ip}:#{default_port}") } end { default: { shm_file: :undef, log_file: :undef, shm_path: '/var/log/httpd/jk-runtime-status', log_path: '/var/log/httpd/mod_jk.log', }, relative: { shm_file: 'shm_file', log_file: 'log_file', shm_path: '/var/log/httpd/shm_file', log_path: '/var/log/httpd/log_file', }, absolute: { shm_file: '/run/shm_file', log_file: '/tmp/log_file', shm_path: '/run/shm_file', log_path: '/tmp/log_file', }, pipe: { shm_file: :undef, log_file: '"|rotatelogs /var/log/httpd/mod_jk.log.%Y%m%d 86400 -180"', shm_path: '/var/log/httpd/jk-runtime-status', log_path: '"|rotatelogs /var/log/httpd/mod_jk.log.%Y%m%d 86400 -180"', }, }.each do |option, paths| context "RHEL 6 with #{option} shm_file and log_file paths" do let(:facts) do { osfamily: 'RedHat', operatingsystem: 'RedHat', operatingsystemrelease: '6', } end let(:pre_condition) do 'include apache' end let(:params) do { logroot: '/var/log/httpd', shm_file: paths[:shm_file], log_file: paths[:log_file], } end expected = "# This file is generated automatically by Puppet - DO NOT EDIT\n"\ "# Any manual changes will be overwritten\n"\ "\n"\ "\n"\ " JkShmFile #{paths[:shm_path]}\n"\ " JkLogFile #{paths[:log_path]}\n"\ "\n" it { is_expected.to contain_file('jk.conf').with_content(expected) } end end end diff --git a/spec/classes/mod/ldap_spec.rb b/spec/classes/mod/ldap_spec.rb index b9cb9dfb..e95a33cf 100644 --- a/spec/classes/mod/ldap_spec.rb +++ b/spec/classes/mod/ldap_spec.rb @@ -1,116 +1,118 @@ +# frozen_string_literal: true + require 'spec_helper' describe 'apache::mod::ldap', type: :class do it_behaves_like 'a mod class, without including apache' context 'on a Debian OS' do let :facts do { lsbdistcodename: 'jessie', osfamily: 'Debian', operatingsystemrelease: '8', id: 'root', kernel: 'Linux', operatingsystem: 'Debian', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', is_pe: false, } end it { is_expected.to contain_class('apache::params') } it { is_expected.to contain_class('apache::mod::ldap') } it { is_expected.to contain_apache__mod('ldap') } context 'default ldap_trusted_global_cert_file' do it { is_expected.to contain_file('ldap.conf').without_content(%r{^LDAPTrustedGlobalCert}) } end context 'ldap_trusted_global_cert_file param' do let(:params) { { ldap_trusted_global_cert_file: 'ca.pem' } } it { is_expected.to contain_file('ldap.conf').with_content(%r{^LDAPTrustedGlobalCert CA_BASE64 ca\.pem$}) } end context 'set multiple ldap params' do let(:params) do { ldap_trusted_global_cert_file: 'ca.pem', ldap_trusted_global_cert_type: 'CA_DER', ldap_trusted_mode: 'TLS', ldap_shared_cache_size: '500000', ldap_cache_entries: '1024', ldap_cache_ttl: '600', ldap_opcache_entries: '1024', ldap_opcache_ttl: '600', ldap_path: '/custom-ldap-status', } end it { is_expected.to contain_file('ldap.conf').with_content(%r{^LDAPTrustedGlobalCert CA_DER ca\.pem$}) } it { is_expected.to contain_file('ldap.conf').with_content(%r{^LDAPTrustedMode TLS$}) } it { is_expected.to contain_file('ldap.conf').with_content(%r{^LDAPSharedCacheSize 500000$}) } it { is_expected.to contain_file('ldap.conf').with_content(%r{^LDAPCacheEntries 1024$}) } it { is_expected.to contain_file('ldap.conf').with_content(%r{^LDAPCacheTTL 600$}) } it { is_expected.to contain_file('ldap.conf').with_content(%r{^LDAPOpCacheEntries 1024$}) } it { is_expected.to contain_file('ldap.conf').with_content(%r{^LDAPOpCacheTTL 600$}) } expected_ldap_path_re = "\n"\ "\s*SetHandler ldap-status\n"\ ".*\n"\ "\n" it { is_expected.to contain_file('ldap.conf').with_content(%r{#{expected_ldap_path_re}}m) } end end # Debian context 'on a RedHat OS' do let :facts do { osfamily: 'RedHat', operatingsystemrelease: '6', id: 'root', kernel: 'Linux', operatingsystem: 'RedHat', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', is_pe: false, } end it { is_expected.to contain_class('apache::params') } it { is_expected.to contain_class('apache::mod::ldap') } it { is_expected.to contain_apache__mod('ldap') } context 'default ldap_trusted_global_cert_file' do it { is_expected.to contain_file('ldap.conf').without_content(%r{^LDAPTrustedGlobalCert}) } end context 'ldap_trusted_global_cert_file param' do let(:params) { { ldap_trusted_global_cert_file: 'ca.pem' } } it { is_expected.to contain_file('ldap.conf').with_content(%r{^LDAPTrustedGlobalCert CA_BASE64 ca\.pem$}) } end context 'ldap_trusted_global_cert_file and ldap_trusted_global_cert_type params' do let(:params) do { ldap_trusted_global_cert_file: 'ca.pem', ldap_trusted_global_cert_type: 'CA_DER', } end it { is_expected.to contain_file('ldap.conf').with_content(%r{^LDAPTrustedGlobalCert CA_DER ca\.pem$}) } end context 'SCL' do let(:pre_condition) do "class { 'apache::version': scl_httpd_version => '2.4', scl_php_version => '7.0', } include apache" end it { is_expected.to contain_package('httpd24-mod_ldap') } end end # Redhat end diff --git a/spec/classes/mod/lookup_identity.rb b/spec/classes/mod/lookup_identity.rb index 5fae97d0..33c8017e 100644 --- a/spec/classes/mod/lookup_identity.rb +++ b/spec/classes/mod/lookup_identity.rb @@ -1,44 +1,46 @@ +# frozen_string_literal: true + require 'spec_helper' describe 'apache::mod::lookup_identity', type: :class do it_behaves_like 'a mod class, without including apache' context 'default configuration with parameters' do context 'on a Debian OS' do let :facts do { lsbdistcodename: 'jessie', osfamily: 'Debian', operatingsystemrelease: '8', id: 'root', kernel: 'Linux', operatingsystem: 'Debian', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', is_pe: false, } end it { is_expected.to contain_class('apache') } it { is_expected.to contain_package('libapache2-mod-lookup-identity') } it { is_expected.to contain_apache__mod('lookup_identity') } end # Debian context 'on a RedHat OS' do let :facts do { osfamily: 'RedHat', operatingsystemrelease: '6', id: 'root', kernel: 'Linux', operatingsystem: 'RedHat', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', is_pe: false, } end it { is_expected.to contain_class('apache') } it { is_expected.to contain_package('mod_lookup_identity') } it { is_expected.to contain_apache__mod('lookup_identity') } end # Redhat end end diff --git a/spec/classes/mod/md_spec.rb b/spec/classes/mod/md_spec.rb index 11fe1599..738671d0 100644 --- a/spec/classes/mod/md_spec.rb +++ b/spec/classes/mod/md_spec.rb @@ -1,199 +1,201 @@ +# frozen_string_literal: true + require 'spec_helper' describe 'apache::mod::md', type: :class do on_supported_os.each do |os, facts| context "on #{os}" do let :facts do facts end if facts[:os]['family'] == 'Debian' context 'validating all md params - using Debian' do md_options = { 'md_activation_delay' => { type: 'Duration', pass_opt: 'MDActivationDelay' }, 'md_base_server' => { type: 'OnOff', pass_opt: 'MDBaseServer' }, 'md_ca_challenges' => { type: 'CAChallenges', pass_opt: 'MDCAChallenges' }, 'md_certificate_agreement' => { type: 'MDCertificateAgreement', pass_opt: 'MDCertificateAgreement' }, 'md_certificate_authority' => { type: 'URL', pass_opt: 'MDCertificateAuthority' }, 'md_certificate_check' => { type: 'String', pass_opt: 'MDCertificateCheck' }, 'md_certificate_monitor' => { type: 'URL', pass_opt: 'MDCertificateMonitor' }, 'md_certificate_protocol' => { type: 'MDCertificateProtocol', pass_opt: 'MDCertificateProtocol' }, 'md_certificate_status' => { type: 'OnOff', pass_opt: 'MDCertificateStatus' }, 'md_challenge_dns01' => { type: 'Path', pass_opt: 'MDChallengeDns01' }, 'md_contact_email' => { type: 'EMail', pass_opt: 'MDContactEmail' }, 'md_http_proxy' => { type: 'URL', pass_opt: 'MDHttpProxy' }, 'md_members' => { type: 'MDMembers', pass_opt: 'MDMembers' }, 'md_message_cmd' => { type: 'Path', pass_opt: 'MDMessageCmd' }, 'md_must_staple' => { type: 'OnOff', pass_opt: 'MDMustStaple' }, 'md_notify_cmd' => { type: 'Path', pass_opt: 'MDNotifyCmd' }, 'md_port_map' => { type: 'String', pass_opt: 'MDPortMap' }, 'md_private_keys' => { type: 'String', pass_opt: 'MDPrivateKeys' }, 'md_renew_mode' => { type: 'MDRenewMode', pass_opt: 'MDRenewMode' }, 'md_renew_window' => { type: 'Duration', pass_opt: 'MDRenewWindow' }, 'md_require_https' => { type: 'MDRequireHttps', pass_opt: 'MDRequireHttps' }, 'md_server_status' => { type: 'OnOff', pass_opt: 'MDServerStatus' }, 'md_staple_others' => { type: 'OnOff', pass_opt: 'MDStapleOthers' }, 'md_stapling' => { type: 'OnOff', pass_opt: 'MDStapling' }, 'md_stapling_keep_response' => { type: 'Duration', pass_opt: 'MDStaplingKeepResponse' }, 'md_stapling_renew_window' => { type: 'Duration', pass_opt: 'MDStaplingRenewWindow' }, 'md_store_dir' => { type: 'Path', pass_opt: 'MDStoreDir' }, 'md_warn_window' => { type: 'Duration', pass_opt: 'MDWarnWindow' }, } md_options.each do |config_option, config_hash| puppetized_config_option = config_option case config_hash[:type] when 'CAChallenges' valid_config_values = [['dns-01'], ['tls-alpn-01', 'http-01']] valid_config_values.each do |valid_value| describe "with #{puppetized_config_option} => #{valid_value}" do let :params do { puppetized_config_option.to_sym => valid_value } end it { is_expected.to contain_file('md.conf').with_content(%r{^#{config_hash[:pass_opt]} #{valid_value.join(' ')}}) } end end when 'EMail' valid_config_values = ['root@example.com'] valid_config_values.each do |valid_value| describe "with #{puppetized_config_option} => #{valid_value}" do let :params do { puppetized_config_option.to_sym => valid_value } end it { is_expected.to contain_file('md.conf').with_content(%r{^#{config_hash[:pass_opt]} #{valid_value}$}) } end end when 'Duration' valid_config_values = ['7d', '33%'] valid_config_values.each do |valid_value| describe "with #{puppetized_config_option} => '#{valid_value}'" do let :params do { puppetized_config_option.to_sym => valid_value } end it { is_expected.to contain_file('md.conf').with_content(%r{^#{config_hash[:pass_opt]} #{valid_value}$}) } end end when 'MDCertificateAgreement' valid_config_values = ['accepted'] valid_config_values.each do |valid_value| describe "with #{puppetized_config_option} => '#{valid_value}'" do let :params do { puppetized_config_option.to_sym => valid_value } end it { is_expected.to contain_file('md.conf').with_content(%r{^#{config_hash[:pass_opt]} #{valid_value}$}) } end end when 'MDCertificateProtocol' valid_config_values = ['ACME'] valid_config_values.each do |valid_value| describe "with #{puppetized_config_option} => '#{valid_value}'" do let :params do { puppetized_config_option.to_sym => valid_value } end it { is_expected.to contain_file('md.conf').with_content(%r{^#{config_hash[:pass_opt]} #{valid_value}$}) } end end when 'MDMembers' valid_config_values = ['auto', 'manual'] valid_config_values.each do |valid_value| describe "with #{puppetized_config_option} => '#{valid_value}'" do let :params do { puppetized_config_option.to_sym => valid_value } end it { is_expected.to contain_file('md.conf').with_content(%r{^#{config_hash[:pass_opt]} #{valid_value}$}) } end end when 'MDRenewMode' valid_config_values = ['always', 'auto', 'manual'] valid_config_values.each do |valid_value| describe "with #{puppetized_config_option} => '#{valid_value}'" do let :params do { puppetized_config_option.to_sym => valid_value } end it { is_expected.to contain_file('md.conf').with_content(%r{^#{config_hash[:pass_opt]} #{valid_value}$}) } end end when 'MDRequireHttps' valid_config_values = ['off', 'temporary', 'permanent'] valid_config_values.each do |valid_value| describe "with #{puppetized_config_option} => '#{valid_value}'" do let :params do { puppetized_config_option.to_sym => valid_value } end it { is_expected.to contain_file('md.conf').with_content(%r{^#{config_hash[:pass_opt]} #{valid_value}$}) } end end when 'OnOff' valid_config_values = ['on', 'off'] valid_config_values.each do |valid_value| describe "with #{puppetized_config_option} => '#{valid_value}'" do let :params do { puppetized_config_option.to_sym => valid_value } end it { is_expected.to contain_file('md.conf').with_content(%r{^#{config_hash[:pass_opt]} #{valid_value}$}) } end end when 'Path' valid_config_values = ['/some/path/to/somewhere'] valid_config_values.each do |valid_value| describe "with #{puppetized_config_option} => #{valid_value}" do let :params do { puppetized_config_option.to_sym => valid_value } end it { is_expected.to contain_file('md.conf').with_content(%r{^#{config_hash[:pass_opt]} "#{valid_value}"$}) } end end when 'String' valid_config_values = ['a random string'] valid_config_values.each do |valid_value| describe "with #{puppetized_config_option} => '#{valid_value}'" do let :params do { puppetized_config_option.to_sym => valid_value } end it { is_expected.to contain_file('md.conf').with_content(%r{^#{config_hash[:pass_opt]} #{valid_value}$}) } end end when 'URL' valid_config_values = ['https://example.com/example'] valid_config_values.each do |valid_value| describe "with #{puppetized_config_option} => '#{valid_value}'" do let :params do { puppetized_config_option.to_sym => valid_value } end it { is_expected.to contain_file('md.conf').with_content(%r{^#{config_hash[:pass_opt]} #{valid_value}$}) } end end else valid_config_values = config_hash[:type] valid_config_values.each do |valid_value| describe "with #{puppetized_config_option} => '#{valid_value}'" do let :params do { puppetized_config_option.to_sym => valid_value } end it { is_expected.to contain_file('md.conf').with_content(%r{^#{config_hash[:pass_opt]} #{valid_value}$}) } end end end end end end it { is_expected.to contain_class('apache::mod::watchdog') } it { is_expected.to contain_apache__mod('md') } it { is_expected.to contain_file('md.conf') } end end end diff --git a/spec/classes/mod/mime_magic_spec.rb b/spec/classes/mod/mime_magic_spec.rb index 6d01ed5f..28fcfe03 100644 --- a/spec/classes/mod/mime_magic_spec.rb +++ b/spec/classes/mod/mime_magic_spec.rb @@ -1,103 +1,105 @@ +# frozen_string_literal: true + require 'spec_helper' # This function is called inside the OS specific contexts def general_mime_magic_specs it { is_expected.to contain_apache__mod('mime_magic') } end describe 'apache::mod::mime_magic', type: :class do it_behaves_like 'a mod class, without including apache' context 'On a Debian OS with default params' do let :facts do { osfamily: 'Debian', operatingsystemrelease: '6', lsbdistcodename: 'jessie', operatingsystem: 'Debian', id: 'root', kernel: 'Linux', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', is_pe: false, } end general_mime_magic_specs it do is_expected.to contain_file('mime_magic.conf').with_content( "MIMEMagicFile \"/etc/apache2/magic\"\n", ) end it { is_expected.to contain_file('mime_magic.conf').with(ensure: 'file', path: '/etc/apache2/mods-available/mime_magic.conf') } it { is_expected.to contain_file('mime_magic.conf symlink').with(ensure: 'link', path: '/etc/apache2/mods-enabled/mime_magic.conf') } context 'with magic_file => /tmp/Debian_magic' do let :params do { magic_file: '/tmp/Debian_magic' } end it do is_expected.to contain_file('mime_magic.conf').with_content( "MIMEMagicFile \"/tmp/Debian_magic\"\n", ) end end end context 'on a RedHat OS with default params' do let :facts do { osfamily: 'RedHat', operatingsystemrelease: '6', operatingsystem: 'RedHat', id: 'root', kernel: 'Linux', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', is_pe: false, } end general_mime_magic_specs it do is_expected.to contain_file('mime_magic.conf').with_content( "MIMEMagicFile \"/etc/httpd/conf/magic\"\n", ) end it { is_expected.to contain_file('mime_magic.conf').with_path('/etc/httpd/conf.d/mime_magic.conf') } end context 'with magic_file => /tmp/magic' do let :facts do { osfamily: 'Debian', operatingsystemrelease: '6', lsbdistcodename: 'jessie', operatingsystem: 'Debian', id: 'root', kernel: 'Linux', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', is_pe: false, } end let :params do { magic_file: '/tmp/magic' } end it do is_expected.to contain_file('mime_magic.conf').with_content( "MIMEMagicFile \"/tmp/magic\"\n", ) end end end diff --git a/spec/classes/mod/mime_spec.rb b/spec/classes/mod/mime_spec.rb index 6fbba65a..a2b53824 100644 --- a/spec/classes/mod/mime_spec.rb +++ b/spec/classes/mod/mime_spec.rb @@ -1,54 +1,56 @@ +# frozen_string_literal: true + require 'spec_helper' # This function is called inside the OS specific conte, :compilexts def general_mime_specs it { is_expected.to contain_apache__mod('mime') } it do is_expected.to contain_file('mime.conf').with_content(%r{AddHandler type-map var}) is_expected.to contain_file('mime.conf').with_content(%r{ddOutputFilter INCLUDES .shtml}) is_expected.to contain_file('mime.conf').with_content(%r{AddType text/html .shtml}) is_expected.to contain_file('mime.conf').with_content(%r{AddType application/x-compress .Z}) end end describe 'apache::mod::mime', type: :class do it_behaves_like 'a mod class, without including apache' context 'On a Debian OS with default params', :compile do let :facts do { osfamily: 'Debian', operatingsystemrelease: '8', lsbdistcodename: 'jessie', operatingsystem: 'Debian', id: 'root', kernel: 'Linux', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', is_pe: false, } end general_mime_specs it { is_expected.to contain_file('mime.conf').with_path('/etc/apache2/mods-available/mime.conf') } end context 'on a RedHat OS with default params', :compile do let :facts do { osfamily: 'RedHat', operatingsystemrelease: '6', operatingsystem: 'RedHat', id: 'root', kernel: 'Linux', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', is_pe: false, } end general_mime_specs it { is_expected.to contain_file('mime.conf').with_path('/etc/httpd/conf.d/mime.conf') } end end diff --git a/spec/classes/mod/negotiation_spec.rb b/spec/classes/mod/negotiation_spec.rb index 4d23bf6a..63c24acd 100644 --- a/spec/classes/mod/negotiation_spec.rb +++ b/spec/classes/mod/negotiation_spec.rb @@ -1,51 +1,53 @@ +# frozen_string_literal: true + require 'spec_helper' describe 'apache::mod::negotiation', type: :class do it_behaves_like 'a mod class, without including apache' describe 'OS independent tests' do let :facts do { osfamily: 'Debian', operatingsystem: 'Debian', kernel: 'Linux', lsbdistcodename: 'jessie', operatingsystemrelease: '8', id: 'root', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', is_pe: false, } end context 'default params' do it { is_expected.to contain_class('apache') } it do is_expected.to contain_file('negotiation.conf').with(ensure: 'file', content: 'LanguagePriority en ca cs da de el eo es et fr he hr it ja ko ltz nl nn no pl pt pt-BR ru sv zh-CN zh-TW ForceLanguagePriority Prefer Fallback ') end end context 'with force_language_priority parameter' do let :params do { force_language_priority: 'Prefer' } end it do is_expected.to contain_file('negotiation.conf').with(ensure: 'file', content: %r{^ForceLanguagePriority Prefer$}) end end context 'with language_priority parameter' do let :params do { language_priority: ['en', 'es'] } end it do is_expected.to contain_file('negotiation.conf').with(ensure: 'file', content: %r{^LanguagePriority en es$}) end end end end diff --git a/spec/classes/mod/pagespeed_spec.rb b/spec/classes/mod/pagespeed_spec.rb index 171b7672..a6c26290 100644 --- a/spec/classes/mod/pagespeed_spec.rb +++ b/spec/classes/mod/pagespeed_spec.rb @@ -1,57 +1,59 @@ +# frozen_string_literal: true + require 'spec_helper' describe 'apache::mod::pagespeed', type: :class do context 'on a Debian OS' do let :facts do { osfamily: 'Debian', operatingsystemrelease: '8', lsbdistcodename: 'jessie', operatingsystem: 'Debian', id: 'root', kernel: 'Linux', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', is_pe: false, } end it { is_expected.to contain_class('apache::params') } it { is_expected.to contain_apache__mod('pagespeed') } it { is_expected.to contain_package('mod-pagespeed-stable') } context 'when setting additional_configuration to a Hash' do let :params do { additional_configuration: { 'Key' => 'Value' } } end it { is_expected.to contain_file('pagespeed.conf').with_content %r{Key Value} } end context 'when setting additional_configuration to an Array' do let :params do { additional_configuration: ['Key Value'] } end it { is_expected.to contain_file('pagespeed.conf').with_content %r{Key Value} } end end context 'on a RedHat OS' do let :facts do { osfamily: 'RedHat', operatingsystemrelease: '6', operatingsystem: 'RedHat', id: 'root', kernel: 'Linux', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', is_pe: false, } end it { is_expected.to contain_class('apache::params') } it { is_expected.to contain_apache__mod('pagespeed') } it { is_expected.to contain_package('mod-pagespeed-stable') } it { is_expected.to contain_file('pagespeed.conf') } end end diff --git a/spec/classes/mod/passenger_spec.rb b/spec/classes/mod/passenger_spec.rb index 699cc9bb..f2c7152a 100644 --- a/spec/classes/mod/passenger_spec.rb +++ b/spec/classes/mod/passenger_spec.rb @@ -1,477 +1,479 @@ +# frozen_string_literal: true + require 'spec_helper' describe 'apache::mod::passenger', type: :class do on_supported_os.each do |os, facts| context "on #{os} " do let :facts do facts end case facts[:os]['family'] when 'Debian' context 'validating all passenger params - using Debian' do it { is_expected.to contain_class('apache::params') } it { is_expected.to contain_apache__mod('passenger') } it { is_expected.to contain_package('libapache2-mod-passenger') } it { is_expected.to contain_file('zpassenger.load').with('path' => '/etc/apache2/mods-available/zpassenger.load') } it { is_expected.to contain_file('passenger.conf').with('path' => '/etc/apache2/mods-available/passenger.conf') } passenger_config_options = { 'passenger_allow_encoded_slashes' => { type: 'OnOff', pass_opt: :PassengerAllowEncodedSlashes }, 'passenger_anonymous_telemetry_proxy' => { type: 'String', pass_opt: :PassengerAnonymousTelemetryProxy }, 'passenger_app_env' => { type: 'String', pass_opt: :PassengerAppEnv }, 'passenger_app_group_name' => { type: 'String', pass_opt: :PassengerAppGroupName }, 'passenger_app_root' => { type: 'FullPath', pass_opt: :PassengerAppRoot }, 'passenger_app_type' => { type: 'String', pass_opt: :PassengerAppType }, 'passenger_base_uri' => { type: 'URI', pass_opt: :PassengerBaseURI }, 'passenger_buffer_response' => { type: 'OnOff', pass_opt: :PassengerBufferResponse }, 'passenger_buffer_upload' => { type: 'OnOff', pass_opt: :PassengerBufferUpload }, 'passenger_concurrency_model' => { type: ['process', 'thread'], pass_opt: :PassengerConcurrencyModel }, 'passenger_data_buffer_dir' => { type: 'FullPath', pass_opt: :PassengerDataBufferDir }, 'passenger_debug_log_file' => { type: 'String', pass_opt: :PassengerDebugLogFile }, 'passenger_debugger' => { type: 'OnOff', pass_opt: :PassengerDebugger }, 'passenger_default_group' => { type: 'String', pass_opt: :PassengerDefaultGroup }, 'passenger_default_ruby' => { type: 'FullPath', pass_opt: :PassengerDefaultRuby }, 'passenger_default_user' => { type: 'String', pass_opt: :PassengerDefaultUser }, 'passenger_disable_anonymous_telemetry' => { type: 'Boolean', pass_opt: :PassengerDisableAnonymousTelemetry }, 'passenger_disable_log_prefix' => { type: 'Boolean', pass_opt: :PassengerDisableLogPrefix }, 'passenger_disable_security_update_check' => { type: 'OnOff', pass_opt: :PassengerDisableSecurityUpdateCheck }, 'passenger_enabled' => { type: 'OnOff', pass_opt: :PassengerEnabled }, 'passenger_error_override' => { type: 'OnOff', pass_opt: :PassengerErrorOverride }, 'passenger_file_descriptor_log_file' => { type: 'FullPath', pass_opt: :PassengerFileDescriptorLogFile }, 'passenger_fly_with' => { type: 'FullPath', pass_opt: :PassengerFlyWith }, 'passenger_force_max_concurrent_requests_per_process' => { type: 'Integer', pass_opt: :PassengerForceMaxConcurrentRequestsPerProcess }, 'passenger_friendly_error_pages' => { type: 'OnOff', pass_opt: :PassengerFriendlyErrorPages }, 'passenger_group' => { type: 'String', pass_opt: :PassengerGroup }, 'passenger_high_performance' => { type: 'OnOff', pass_opt: :PassengerHighPerformance }, 'passenger_instance_registry_dir' => { type: 'FullPath', pass_opt: :PassengerInstanceRegistryDir }, 'passenger_load_shell_envvars' => { type: 'OnOff', pass_opt: :PassengerLoadShellEnvvars }, 'passenger_log_file' => { type: 'FullPath', pass_opt: :PassengerLogFile }, 'passenger_log_level' => { type: 'Integer', pass_opt: :PassengerLogLevel }, 'passenger_lve_min_uid' => { type: 'Integer', pass_opt: :PassengerLveMinUid }, 'passenger_max_instances' => { type: 'Integer', pass_opt: :PassengerMaxInstances }, 'passenger_max_instances_per_app' => { type: 'Integer', pass_opt: :PassengerMaxInstancesPerApp }, 'passenger_max_pool_size' => { type: 'Integer', pass_opt: :PassengerMaxPoolSize }, 'passenger_max_preloader_idle_time' => { type: 'Integer', pass_opt: :PassengerMaxPreloaderIdleTime }, 'passenger_max_request_queue_size' => { type: 'Integer', pass_opt: :PassengerMaxRequestQueueSize }, 'passenger_max_request_time' => { type: 'Integer', pass_opt: :PassengerMaxRequestTime }, 'passenger_max_requests' => { type: 'Integer', pass_opt: :PassengerMaxRequests }, 'passenger_memory_limit' => { type: 'Integer', pass_opt: :PassengerMemoryLimit }, 'passenger_meteor_app_settings' => { type: 'FullPath', pass_opt: :PassengerMeteorAppSettings }, 'passenger_min_instances' => { type: 'Integer', pass_opt: :PassengerMinInstances }, 'passenger_nodejs' => { type: 'FullPath', pass_opt: :PassengerNodejs }, 'passenger_pool_idle_time' => { type: 'Integer', pass_opt: :PassengerPoolIdleTime }, 'passenger_pre_start' => { type: 'URI', pass_opt: :PassengerPreStart }, 'passenger_python' => { type: 'FullPath', pass_opt: :PassengerPython }, 'passenger_resist_deployment_errors' => { type: 'OnOff', pass_opt: :PassengerResistDeploymentErrors }, 'passenger_resolve_symlinks_in_document_root' => { type: 'OnOff', pass_opt: :PassengerResolveSymlinksInDocumentRoot }, 'passenger_response_buffer_high_watermark' => { type: 'Integer', pass_opt: :PassengerResponseBufferHighWatermark }, 'passenger_restart_dir' => { type: 'Path', pass_opt: :PassengerRestartDir }, 'passenger_rolling_restarts' => { type: 'OnOff', pass_opt: :PassengerRollingRestarts }, 'passenger_root' => { type: 'FullPath', pass_opt: :PassengerRoot }, 'passenger_ruby' => { type: 'FullPath', pass_opt: :PassengerRuby }, 'passenger_security_update_check_proxy' => { type: 'URI', pass_opt: :PassengerSecurityUpdateCheckProxy }, 'passenger_show_version_in_header' => { type: 'OnOff', pass_opt: :PassengerShowVersionInHeader }, 'passenger_socket_backlog' => { type: 'Integer', pass_opt: :PassengerSocketBacklog }, 'passenger_spawn_dir' => { type: 'FullPath', pass_opt: :PassengerSpawnDir }, 'passenger_spawn_method' => { type: ['smart', 'direct'], pass_opt: :PassengerSpawnMethod }, 'passenger_start_timeout' => { type: 'Integer', pass_opt: :PassengerStartTimeout }, 'passenger_startup_file' => { type: 'RelPath', pass_opt: :PassengerStartupFile }, 'passenger_stat_throttle_rate' => { type: 'Integer', pass_opt: :PassengerStatThrottleRate }, 'passenger_sticky_sessions' => { type: 'OnOff', pass_opt: :PassengerStickySessions }, 'passenger_sticky_sessions_cookie_name' => { type: 'String', pass_opt: :PassengerStickySessionsCookieName }, 'passenger_sticky_sessions_cookie_attributes' => { type: 'QuotedString', pass_opt: :PassengerStickySessionsCookieAttributes }, 'passenger_thread_count' => { type: 'Integer', pass_opt: :PassengerThreadCount }, 'passenger_use_global_queue' => { type: 'String', pass_opt: :PassengerUseGlobalQueue }, 'passenger_user' => { type: 'String', pass_opt: :PassengerUser }, 'passenger_user_switching' => { type: 'OnOff', pass_opt: :PassengerUserSwitching }, 'rack_auto_detect' => { type: 'String', pass_opt: :RackAutoDetect }, 'rack_autodetect' => { type: 'String', pass_opt: :RackAutoDetect }, 'rack_base_uri' => { type: 'String', pass_opt: :RackBaseURI }, 'rack_env' => { type: 'String', pass_opt: :RackEnv }, 'rails_allow_mod_rewrite' => { type: 'String', pass_opt: :RailsAllowModRewrite }, 'rails_app_spawner_idle_time' => { type: 'String', pass_opt: :RailsAppSpawnerIdleTime }, 'rails_auto_detect' => { type: 'String', pass_opt: :RailsAutoDetect }, 'rails_autodetect' => { type: 'String', pass_opt: :RailsAutoDetect }, 'rails_base_uri' => { type: 'String', pass_opt: :RailsBaseURI }, 'rails_default_user' => { type: 'String', pass_opt: :RailsDefaultUser }, 'rails_env' => { type: 'String', pass_opt: :RailsEnv }, 'rails_framework_spawner_idle_time' => { type: 'String', pass_opt: :RailsFrameworkSpawnerIdleTime }, 'rails_ruby' => { type: 'String', pass_opt: :RailsRuby }, 'rails_spawn_method' => { type: 'String', pass_opt: :RailsSpawnMethod }, 'rails_user_switching' => { type: 'String', pass_opt: :RailsUserSwitching }, 'wsgi_auto_detect' => { type: 'String', pass_opt: :WsgiAutoDetect }, } passenger_config_options.each do |config_option, config_hash| puppetized_config_option = config_option case config_hash[:type] # UnionStationFilter values are quoted strings when 'QuotedString' valid_config_values = ['"a quoted string"'] valid_config_values.each do |valid_value| describe "with #{puppetized_config_option} => '#{valid_value.delete('"')}'" do let :params do { puppetized_config_option.to_sym => valid_value } end it { is_expected.to contain_file('passenger.conf').with_content(%r{^ #{config_hash[:pass_opt]} "#{valid_value}"$}) } end end when 'FullPath', 'RelPath', 'Path' valid_config_values = ['/some/path/to/somewhere'] valid_config_values.each do |valid_value| describe "with #{puppetized_config_option} => #{valid_value}" do let :params do { puppetized_config_option.to_sym => valid_value } end it { is_expected.to contain_file('passenger.conf').with_content(%r{^ #{config_hash[:pass_opt]} "#{valid_value}"$}) } end end when 'URI', 'String', 'Integer' valid_config_values = ['some_value_for_you'] valid_config_values.each do |valid_value| describe "with #{puppetized_config_option} => #{valid_value}" do let :params do { puppetized_config_option.to_sym => valid_value } end it { is_expected.to contain_file('passenger.conf').with_content(%r{^ #{config_hash[:pass_opt]} #{valid_value}$}) } end end when 'OnOff' valid_config_values = ['on', 'off'] valid_config_values.each do |valid_value| describe "with #{puppetized_config_option} => '#{valid_value}'" do let :params do { puppetized_config_option.to_sym => valid_value } end it { is_expected.to contain_file('passenger.conf').with_content(%r{^ #{config_hash[:pass_opt]} #{valid_value}$}) } end end when 'Boolean' valid_config_values = [true, false] valid_config_values.each do |valid_value| describe "with #{puppetized_config_option} => #{valid_value}" do let :params do { puppetized_config_option.to_sym => valid_value } end let :expected_value do { true => 'On', false => 'Off', }[valid_value] end it { is_expected.to contain_file('passenger.conf').with_content(%r{^ #{config_hash[:pass_opt]} #{expected_value}$}) } end end else valid_config_values = config_hash[:type] valid_config_values.each do |valid_value| describe "with #{puppetized_config_option} => '#{valid_value}'" do let :params do { puppetized_config_option.to_sym => valid_value } end it { is_expected.to contain_file('passenger.conf').with_content(%r{^ #{config_hash[:pass_opt]} #{valid_value}$}) } end end end end end it { is_expected.to contain_class('apache::params') } it { is_expected.to contain_apache__mod('passenger') } it { is_expected.to contain_package('libapache2-mod-passenger') } it { is_expected.to contain_file('zpassenger.load').with('path' => '/etc/apache2/mods-available/zpassenger.load') } it { is_expected.to contain_file('passenger.conf').with('path' => '/etc/apache2/mods-available/passenger.conf') } context 'passenger config with passenger_installed_version set', test: true do describe 'fails when an option is not valid for $passenger_installed_version' do let :params do { passenger_installed_version: '4.0.0', passenger_instance_registry_dir: '/some/path/to/nowhere', } end it { is_expected.to raise_error(%r{passenger_instance_registry_dir is not introduced until version 5.0.0}) } end describe 'fails when an option is removed' do let :params do { passenger_installed_version: '5.0.0', rails_autodetect: 'on', } end it { is_expected.to raise_error(%r{REMOVED PASSENGER OPTION}) } end describe 'warns when an option is deprecated' do puts facts[:os]['family'] puts facts[:os]['release'] let :params do { passenger_installed_version: '5.0.0', rails_ruby: '/some/path/to/ruby', } end specify { expect { warn(%r{DEPRECATED PASSENGER OPTION}) }.to output(%r{DEPRECATED PASSENGER OPTION}).to_stderr } end end describe "with passenger_root => '/usr/lib/example'" do let :params do { passenger_root: '/usr/lib/example' } end it { is_expected.to contain_file('passenger.conf').with_content(%r{PassengerRoot "/usr/lib/example"}) } end describe 'with passenger_ruby => /usr/lib/example/ruby' do let :params do { passenger_ruby: '/usr/lib/example/ruby' } end it { is_expected.to contain_file('passenger.conf').with_content(%r{PassengerRuby "/usr/lib/example/ruby"}) } end describe 'with passenger_default_ruby => /usr/lib/example/ruby1.9.3' do let :params do { passenger_ruby: '/usr/lib/example/ruby1.9.3' } end it { is_expected.to contain_file('passenger.conf').with_content(%r{PassengerRuby "/usr/lib/example/ruby1.9.3"}) } end describe 'with passenger_high_performance => on' do let :params do { passenger_high_performance: 'on' } end it { is_expected.to contain_file('passenger.conf').with_content(%r{^ PassengerHighPerformance on$}) } end describe 'with passenger_pool_idle_time => 1200' do let :params do { passenger_pool_idle_time: 1200 } end it { is_expected.to contain_file('passenger.conf').with_content(%r{^ PassengerPoolIdleTime 1200$}) } end describe 'with passenger_max_request_queue_size => 100' do let :params do { passenger_max_request_queue_size: 100 } end it { is_expected.to contain_file('passenger.conf').with_content(%r{^ PassengerMaxRequestQueueSize 100$}) } end describe 'with passenger_max_requests => 20' do let :params do { passenger_max_requests: 20 } end it { is_expected.to contain_file('passenger.conf').with_content(%r{^ PassengerMaxRequests 20$}) } end describe 'with passenger_spawn_method => direct' do let :params do { passenger_spawn_method: 'direct' } end it { is_expected.to contain_file('passenger.conf').with_content(%r{^ PassengerSpawnMethod direct$}) } end describe 'with passenger_stat_throttle_rate => 10' do let :params do { passenger_stat_throttle_rate: 10 } end it { is_expected.to contain_file('passenger.conf').with_content(%r{^ PassengerStatThrottleRate 10$}) } end describe 'with passenger_max_pool_size => 16' do let :params do { passenger_max_pool_size: 16 } end it { is_expected.to contain_file('passenger.conf').with_content(%r{^ PassengerMaxPoolSize 16$}) } end describe 'with passenger_min_instances => 5' do let :params do { passenger_min_instances: 5 } end it { is_expected.to contain_file('passenger.conf').with_content(%r{^ PassengerMinInstances 5$}) } end describe 'with passenger_max_instances_per_app => 8' do let :params do { passenger_max_instances_per_app: 8 } end it { is_expected.to contain_file('passenger.conf').with_content(%r{^ PassengerMaxInstancesPerApp 8$}) } end describe 'with rack_autodetect => on' do let :params do { rack_autodetect: 'on' } end it { is_expected.to contain_file('passenger.conf').with_content(%r{^ RackAutoDetect on$}) } end describe 'with rails_autodetect => on' do let :params do { rails_autodetect: 'on' } end it { is_expected.to contain_file('passenger.conf').with_content(%r{^ RailsAutoDetect on$}) } end describe 'with passenger_use_global_queue => on' do let :params do { passenger_use_global_queue: 'on' } end it { is_expected.to contain_file('passenger.conf').with_content(%r{^ PassengerUseGlobalQueue on$}) } end describe "with passenger_app_env => 'foo'" do let :params do { passenger_app_env: 'foo' } end it { is_expected.to contain_file('passenger.conf').with_content(%r{^ PassengerAppEnv foo$}) } end describe "with passenger_log_file => '/var/log/apache2/passenger.log'" do let :params do { passenger_log_file: '/var/log/apache2/passenger.log' } end it { is_expected.to contain_file('passenger.conf').with_content(%r{^ PassengerLogFile "/var/log/apache2/passenger.log"$}) } end describe 'with passenger_log_level => 3' do let :params do { passenger_log_level: 3 } end it { is_expected.to contain_file('passenger.conf').with_content(%r{^ PassengerLogLevel 3$}) } end describe "with mod_path => '/usr/lib/foo/mod_foo.so'" do let :params do { mod_path: '/usr/lib/foo/mod_foo.so' } end it { is_expected.to contain_file('zpassenger.load').with_content(%r{^LoadModule passenger_module \/usr\/lib\/foo\/mod_foo\.so$}) } end describe "with mod_lib_path => '/usr/lib/foo'" do let :params do { mod_lib_path: '/usr/lib/foo' } end it { is_expected.to contain_file('zpassenger.load').with_content(%r{^LoadModule passenger_module \/usr\/lib\/foo\/mod_passenger\.so$}) } end describe "with mod_lib => 'mod_foo.so'" do let :params do { mod_lib: 'mod_foo.so' } end it { is_expected.to contain_file('zpassenger.load').with_content(%r{^LoadModule passenger_module \/usr\/lib\/apache2\/modules\/mod_foo\.so$}) } end describe "with mod_id => 'mod_foo'" do let :params do { mod_id: 'mod_foo' } end it { is_expected.to contain_file('zpassenger.load').with_content(%r{^LoadModule mod_foo \/usr\/lib\/apache2\/modules\/mod_passenger\.so$}) } end context 'with Ubuntu 16.04 defaults' do it { is_expected.to contain_file('passenger.conf').with_content(%r{PassengerRoot "/usr/lib/ruby/vendor_ruby/phusion_passenger/locations.ini"}) } it { is_expected.to contain_file('passenger.conf').without_content(%r{PassengerRuby}) } it { is_expected.to contain_file('passenger.conf').with_content(%r{PassengerDefaultRuby "/usr/bin/ruby"}) } end if facts[:os]['release']['major'].to_i == 8 context 'with Debian 8 defaults' do it { is_expected.to contain_file('passenger.conf').with_content(%r{PassengerRoot "/usr/lib/ruby/vendor_ruby/phusion_passenger/locations.ini"}) } it { is_expected.to contain_file('passenger.conf').without_content(%r{PassengerRuby}) } it { is_expected.to contain_file('passenger.conf').with_content(%r{PassengerDefaultRuby "/usr/bin/ruby"}) } end end when 'RedHat' context 'on a RedHat OS' do case facts[:os]['release']['major'] when '6' context 'on EL6' do it { is_expected.to contain_class('apache::params') } it { is_expected.to contain_apache__mod('passenger') } it { is_expected.to contain_package('mod_passenger') } it { is_expected.to contain_file('passenger_package.conf').with('path' => '/etc/httpd/conf.d/passenger.conf') } it { is_expected.to contain_file('passenger_package.conf').without_content } it { is_expected.to contain_file('passenger_package.conf').without_source } it { is_expected.to contain_file('zpassenger.load').with('path' => '/etc/httpd/conf.d/zpassenger.load') } it { is_expected.to contain_file('passenger.conf').without_content(%r{PassengerRoot}) } it { is_expected.to contain_file('passenger.conf').without_content(%r{PassengerRuby}) } describe "with passenger_root => '/usr/lib/example'" do let :params do { passenger_root: '/usr/lib/example' } end it { is_expected.to contain_file('passenger.conf').with_content(%r{^ PassengerRoot "\/usr\/lib\/example"$}) } end describe 'with passenger_ruby => /usr/lib/example/ruby' do let :params do { passenger_ruby: '/usr/lib/example/ruby' } end it { is_expected.to contain_file('passenger.conf').with_content(%r{^ PassengerRuby "\/usr\/lib\/example\/ruby"$}) } end end when '7' context 'on EL7' do it { is_expected.to contain_file('passenger_package.conf').with('path' => '/etc/httpd/conf.d/passenger.conf') } it { is_expected.to contain_file('zpassenger.load').with('path' => '/etc/httpd/conf.modules.d/zpassenger.load') } end when '8' context 'on EL8' do it { is_expected.to contain_file('passenger_package.conf').with('path' => '/etc/httpd/conf.d/passenger.conf') } it { is_expected.to contain_file('zpassenger.load').with('path' => '/etc/httpd/conf.modules.d/zpassenger.load') } end end end when 'FreeBSD' context 'on a FreeBSD OS' do it { is_expected.to contain_class('apache::params') } it { is_expected.to contain_apache__mod('passenger') } it { is_expected.to contain_package('www/rubygem-passenger') } end when 'Gentoo' context 'on a Gentoo OS' do it { is_expected.to contain_class('apache::params') } it { is_expected.to contain_apache__mod('passenger') } it { is_expected.to contain_package('www-apache/passenger') } end end end end end diff --git a/spec/classes/mod/perl_spec.rb b/spec/classes/mod/perl_spec.rb index 0176c160..ddd004b6 100644 --- a/spec/classes/mod/perl_spec.rb +++ b/spec/classes/mod/perl_spec.rb @@ -1,74 +1,76 @@ +# frozen_string_literal: true + require 'spec_helper' describe 'apache::mod::perl', type: :class do it_behaves_like 'a mod class, without including apache' context 'on a Debian OS' do let :facts do { osfamily: 'Debian', operatingsystemrelease: '8', lsbdistcodename: 'jessie', operatingsystem: 'Debian', id: 'root', kernel: 'Linux', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', is_pe: false, } end it { is_expected.to contain_class('apache::params') } it { is_expected.to contain_apache__mod('perl') } it { is_expected.to contain_package('libapache2-mod-perl2') } end context 'on a RedHat OS' do let :facts do { osfamily: 'RedHat', operatingsystemrelease: '6', operatingsystem: 'RedHat', id: 'root', kernel: 'Linux', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', is_pe: false, } end it { is_expected.to contain_class('apache::params') } it { is_expected.to contain_apache__mod('perl') } it { is_expected.to contain_package('mod_perl') } end context 'on a FreeBSD OS' do let :facts do { osfamily: 'FreeBSD', operatingsystemrelease: '9', operatingsystem: 'FreeBSD', id: 'root', kernel: 'FreeBSD', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', is_pe: false, } end it { is_expected.to contain_class('apache::params') } it { is_expected.to contain_apache__mod('perl') } it { is_expected.to contain_package('www/mod_perl2') } end context 'on a Gentoo OS' do let :facts do { osfamily: 'Gentoo', operatingsystemrelease: '3.16.1-gentoo', operatingsystem: 'Gentoo', id: 'root', kernel: 'Linux', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/bin', is_pe: false, } end it { is_expected.to contain_class('apache::params') } it { is_expected.to contain_apache__mod('perl') } it { is_expected.to contain_package('www-apache/mod_perl') } end end diff --git a/spec/classes/mod/peruser_spec.rb b/spec/classes/mod/peruser_spec.rb index 0f6a62b3..d5f2a93a 100644 --- a/spec/classes/mod/peruser_spec.rb +++ b/spec/classes/mod/peruser_spec.rb @@ -1,44 +1,46 @@ +# frozen_string_literal: true + require 'spec_helper' describe 'apache::mod::peruser', type: :class do let :pre_condition do 'class { "apache": mpm_module => false, }' end context 'on a FreeBSD OS' do let :facts do { osfamily: 'FreeBSD', operatingsystemrelease: '10', operatingsystem: 'FreeBSD', id: 'root', kernel: 'FreeBSD', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', is_pe: false, } end it do expect { catalogue }.to raise_error(Puppet::Error, %r{Unsupported osfamily FreeBSD}) end end context 'on a Gentoo OS' do let :facts do { osfamily: 'Gentoo', operatingsystem: 'Gentoo', operatingsystemrelease: '3.16.1-gentoo', id: 'root', kernel: 'Linux', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/bin', is_pe: false, } end it { is_expected.to contain_class('apache::params') } it { is_expected.not_to contain_apache__mod('peruser') } it { is_expected.to contain_file('/etc/apache2/modules.d/peruser.conf').with_ensure('file') } end end diff --git a/spec/classes/mod/php_spec.rb b/spec/classes/mod/php_spec.rb index fa557f24..a7d6fe88 100644 --- a/spec/classes/mod/php_spec.rb +++ b/spec/classes/mod/php_spec.rb @@ -1,299 +1,301 @@ +# frozen_string_literal: true + require 'spec_helper' describe 'apache::mod::php', type: :class do on_supported_os.each do |os, facts| context "on #{os} " do let :facts do facts end let :pre_condition do 'class { "apache": mpm_module => prefork, }' end case facts[:os]['family'] when 'Debian' describe 'on a Debian OS' do context 'with mpm_module => prefork' do it { is_expected.to contain_class('apache::params') } it { is_expected.to contain_class('apache::mod::prefork') } end case facts[:os]['release']['major'] when '8' context 'on jessie' do it { is_expected.to contain_file('php5.load').with( content: "LoadModule php5_module /usr/lib/apache2/modules/libphp5.so\n", ) } context 'with mpm_module => itk on jessie' do let :pre_condition do 'class { "apache": mpm_module => itk, }' end it { is_expected.to contain_class('apache::params') } it { is_expected.to contain_class('apache::mod::itk') } it { is_expected.to contain_apache__mod('php5') } it { is_expected.to contain_package('libapache2-mod-php5') } it { is_expected.to contain_file('php5.load').with( content: "LoadModule php5_module /usr/lib/apache2/modules/libphp5.so\n", ) } end end when '9' context 'on stretch' do it { is_expected.to contain_apache__mod('php7.0') } it { is_expected.to contain_package('libapache2-mod-php7.0') } it { is_expected.to contain_file('php7.0.load').with( content: "LoadModule php7_module /usr/lib/apache2/modules/libphp7.0.so\n", ) } end when '16.04' context 'on stretch' do let :params do { content: 'somecontent' } end it { is_expected.to contain_file('php7.0.conf').with( content: 'somecontent', ) } end when '18.04' context 'on stretch' do let :params do { content: 'somecontent' } end it { is_expected.to contain_file('php7.2.conf').with( content: 'somecontent', ) } end end end when 'RedHat' describe 'on a RedHat OS' do context 'with default params' do let :pre_condition do 'class { "apache": }' end it { is_expected.to contain_class('apache::params') } it { is_expected.to contain_apache__mod('php5') } if facts[:os]['release']['major'].to_i < 8 it { is_expected.to contain_package('php') } if facts[:os]['release']['major'].to_i > 5 it { is_expected.to contain_file('php5.load').with(content: "LoadModule php5_module modules/libphp5.so\n") } if facts[:os]['release']['major'].to_i < 8 it { is_expected.to contain_file('php7.load').with(content: "LoadModule php7_module modules/libphp7.so\n") } if facts[:os]['release']['major'].to_i >= 8 end context 'with alternative package name' do let :pre_condition do 'class { "apache": }' end let :params do { package_name: 'php54' } end it { is_expected.to contain_package('php54') } end context 'with alternative path' do let :pre_condition do 'class { "apache": }' end let :params do { path: 'alternative-path' } end it { is_expected.to contain_file('php5.load').with(content: "LoadModule php5_module alternative-path\n") } if facts[:os]['release']['major'].to_i < 8 it { is_expected.to contain_file('php7.load').with(content: "LoadModule php7_module alternative-path\n") } if facts[:os]['release']['major'].to_i >= 8 end context 'with alternative extensions' do let :pre_condition do 'class { "apache": }' end let :params do { extensions: ['.php', '.php5'], } end it { is_expected.to contain_file('php5.conf').with_content(Regexp.new(Regexp.escape(''))) } if facts[:os]['release']['major'].to_i < 8 end if facts[:os]['release']['major'].to_i > 5 context 'with specific version' do let :pre_condition do 'class { "apache": }' end let :params do { package_ensure: '5.3.13' } end it { is_expected.to contain_package('php').with( ensure: '5.3.13', ) } end end context 'with mpm_module => prefork' do it { is_expected.to contain_class('apache::params') } it { is_expected.to contain_class('apache::mod::prefork') } it { is_expected.to contain_apache__mod('php5') } if facts[:os]['release']['major'].to_i < 8 it { is_expected.to contain_package('php') } if facts[:os]['release']['major'].to_i > 5 it { is_expected.to contain_file('php5.load').with(content: "LoadModule php5_module modules/libphp5.so\n") } if facts[:os]['release']['major'].to_i < 8 it { is_expected.to contain_file('php7.load').with(content: "LoadModule php7_module modules/libphp7.so\n") } if facts[:os]['release']['major'].to_i >= 8 end context 'with mpm_module => itk' do let :pre_condition do 'class { "apache": mpm_module => itk, }' end it { is_expected.to contain_class('apache::params') } it { is_expected.to contain_class('apache::mod::itk') } it { is_expected.to contain_apache__mod('php5') } if facts[:os]['release']['major'].to_i < 8 it { is_expected.to contain_package('php') } if facts[:os]['release']['major'].to_i > 5 it { is_expected.to contain_file('php5.load').with(content: "LoadModule php5_module modules/libphp5.so\n") } if facts[:os]['release']['major'].to_i < 8 it { is_expected.to contain_file('php7.load').with(content: "LoadModule php7_module modules/libphp7.so\n") } if facts[:os]['release']['major'].to_i >= 8 end end when 'FreeBSD' describe 'on a FreeBSD OS' do context 'with mpm_module => prefork' do it { is_expected.to contain_class('apache::params') } it { is_expected.to contain_apache__mod('php5') } it { is_expected.to contain_package('www/mod_php5') } it { is_expected.to contain_file('php5.load') } end context 'with mpm_module => itk' do let :pre_condition do 'class { "apache": mpm_module => itk, }' end it { is_expected.to contain_class('apache::params') } it { is_expected.to contain_class('apache::mod::itk') } it { is_expected.to contain_apache__mod('php5') } it { is_expected.to contain_package('www/mod_php5') } it { is_expected.to contain_file('php5.load') } end end when 'Gentoo' describe 'on a Gentoo OS' do context 'with mpm_module => prefork' do it { is_expected.to contain_class('apache::params') } it { is_expected.to contain_apache__mod('php5') } it { is_expected.to contain_package('dev-lang/php') } it { is_expected.to contain_file('php5.load') } end context 'with mpm_module => itk' do let :pre_condition do 'class { "apache": mpm_module => itk, }' end it { is_expected.to contain_class('apache::params') } it { is_expected.to contain_class('apache::mod::itk') } it { is_expected.to contain_apache__mod('php5') } it { is_expected.to contain_package('dev-lang/php') } it { is_expected.to contain_file('php5.load') } end end end # all the following tests are for legacy php/apache versions. They don't work on modern ubuntu and redhat 8 next if (facts[:os]['release']['major'].to_i > 15 && facts[:os]['name'] == 'Ubuntu') || (facts[:os]['release']['major'].to_i >= 9 && facts[:os]['name'] == 'Debian') || (facts[:os]['release']['major'].to_i >= 8 && (facts[:os]['name'] == 'RedHat' || facts[:os]['name'] == 'CentOS')) describe 'OS independent tests' do context 'with content param' do let :params do { content: 'somecontent' } end it { is_expected.to contain_file('php5.conf').with( content: 'somecontent', ) } end context 'with template param' do let :params do { template: 'apache/mod/php.conf.erb' } end it { is_expected.to contain_file('php5.conf').with( content: %r{^# PHP is an HTML-embedded scripting language which attempts to make it}, ) } end context 'with source param' do let :params do { source: 'some-path' } end it { is_expected.to contain_file('php5.conf').with( source: 'some-path', ) } end context 'content has priority over template' do let :params do { template: 'apache/mod/php5.conf.erb', content: 'somecontent', } end it { is_expected.to contain_file('php5.conf').with( content: 'somecontent', ) } end context 'source has priority over template' do let :params do { template: 'apache/mod/php5.conf.erb', source: 'some-path', } end it { is_expected.to contain_file('php5.conf').with( source: 'some-path', ) } end context 'source has priority over content' do let :params do { content: 'somecontent', source: 'some-path', } end it { is_expected.to contain_file('php5.conf').with( source: 'some-path', ) } end context 'with mpm_module => worker' do let :pre_condition do 'class { "apache": mpm_module => worker, }' end it 'raises an error' do expect { expect(subject).to contain_apache__mod('php5') }.to raise_error Puppet::Error, %r{mpm_module => 'prefork' or mpm_module => 'itk'} end end end end end end diff --git a/spec/classes/mod/prefork_spec.rb b/spec/classes/mod/prefork_spec.rb index 8554577c..fdc8762a 100644 --- a/spec/classes/mod/prefork_spec.rb +++ b/spec/classes/mod/prefork_spec.rb @@ -1,138 +1,140 @@ +# frozen_string_literal: true + require 'spec_helper' describe 'apache::mod::prefork', type: :class do let :pre_condition do 'class { "apache": mpm_module => false, }' end context 'on a Debian OS' do let :facts do { osfamily: 'Debian', operatingsystemrelease: '8', lsbdistcodename: 'jessie', operatingsystem: 'Debian', id: 'root', kernel: 'Linux', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', is_pe: false, } end it { is_expected.to contain_class('apache::params') } it { is_expected.not_to contain_apache__mod('prefork') } it { is_expected.to contain_file('/etc/apache2/mods-available/prefork.conf').with_ensure('file') } it { is_expected.to contain_file('/etc/apache2/mods-enabled/prefork.conf').with_ensure('link') } context 'with Apache version < 2.4' do let :params do { apache_version: '2.2', } end it { is_expected.not_to contain_file('/etc/apache2/mods-available/prefork.load') } it { is_expected.not_to contain_file('/etc/apache2/mods-enabled/prefork.load') } it { is_expected.to contain_package('apache2-mpm-prefork') } end context 'with Apache version >= 2.4' do let :params do { apache_version: '2.4', } end it { is_expected.to contain_file('/etc/apache2/mods-available/prefork.load').with('ensure' => 'file', 'content' => "LoadModule mpm_prefork_module /usr/lib/apache2/modules/mod_mpm_prefork.so\n") } it { is_expected.to contain_file('/etc/apache2/mods-enabled/prefork.load').with_ensure('link') } end end context 'on a RedHat OS' do let :facts do { osfamily: 'RedHat', operatingsystemrelease: '6', operatingsystem: 'RedHat', id: 'root', kernel: 'Linux', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', is_pe: false, } end it { is_expected.to contain_class('apache::params') } it { is_expected.not_to contain_apache__mod('prefork') } it { is_expected.to contain_file('/etc/httpd/conf.d/prefork.conf').with_ensure('file') } context 'with Apache version < 2.4' do let :params do { apache_version: '2.2', } end it { is_expected.to contain_file_line('/etc/sysconfig/httpd prefork enable').with('require' => 'Package[httpd]') } it { is_expected.to contain_file('/etc/httpd/conf.d/prefork.conf').without('content' => %r{MaxRequestWorkers}) } it { is_expected.to contain_file('/etc/httpd/conf.d/prefork.conf').without('content' => %r{MaxConnectionsPerChild}) } end context 'with Apache version >= 2.4' do let :params do { apache_version: '2.4', maxrequestworkers: '512', maxconnectionsperchild: '4000', } end it { is_expected.not_to contain_apache__mod('event') } it { is_expected.to contain_file('/etc/httpd/conf.d/prefork.load').with('ensure' => 'file', 'content' => "LoadModule mpm_prefork_module modules/mod_mpm_prefork.so\n") } it { is_expected.to contain_file('/etc/httpd/conf.d/prefork.conf').without('content' => %r{MaxClients}) } it { is_expected.to contain_file('/etc/httpd/conf.d/prefork.conf').without('content' => %r{MaxRequestsPerChild}) } end end context 'on a FreeBSD OS' do let :facts do { osfamily: 'FreeBSD', operatingsystemrelease: '9', operatingsystem: 'FreeBSD', id: 'root', kernel: 'FreeBSD', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', is_pe: false, } end it { is_expected.to contain_class('apache::params') } it { is_expected.not_to contain_apache__mod('prefork') } it { is_expected.to contain_file('/usr/local/etc/apache24/Modules/prefork.conf').with_ensure('file') } end context 'on a Gentoo OS' do let :facts do { osfamily: 'Gentoo', operatingsystem: 'Gentoo', operatingsystemrelease: '3.16.1-gentoo', id: 'root', kernel: 'Linux', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/bin', is_pe: false, } end it { is_expected.to contain_class('apache::params') } it { is_expected.not_to contain_apache__mod('prefork') } it { is_expected.to contain_file('/etc/apache2/modules.d/prefork.conf').with_ensure('file') } end end diff --git a/spec/classes/mod/proxy_balancer_spec.rb b/spec/classes/mod/proxy_balancer_spec.rb index 8071a696..e4b1a72c 100644 --- a/spec/classes/mod/proxy_balancer_spec.rb +++ b/spec/classes/mod/proxy_balancer_spec.rb @@ -1,86 +1,88 @@ +# frozen_string_literal: true + require 'spec_helper' # Helper function for testing the contents of `proxy_balancer.conf` def balancer_manager_conf_spec(allow_from, manager_path) expected = "\n"\ " SetHandler balancer-manager\n"\ " Require ip #{Array(allow_from).join(' ')}\n"\ "\n" it do is_expected.to contain_file('proxy_balancer.conf').with_content(expected) end end describe 'apache::mod::proxy_balancer', type: :class do let :pre_condition do [ 'include apache::mod::proxy', ] end it_behaves_like 'a mod class, without including apache' context 'default configuration with default parameters' do context 'on a Debian OS' do let :facts do { osfamily: 'Debian', operatingsystemrelease: '8', lsbdistcodename: 'jessie', operatingsystem: 'Debian', id: 'root', kernel: 'Linux', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', is_pe: false, } end it { is_expected.to contain_apache__mod('proxy_balancer') } it { is_expected.not_to contain_file('proxy_balancer.conf') } it { is_expected.not_to contain_file('proxy_balancer.conf symlink') } end context 'on a RedHat OS' do let :facts do { osfamily: 'RedHat', operatingsystemrelease: '6', operatingsystem: 'RedHat', id: 'root', kernel: 'Linux', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', is_pe: false, } end it { is_expected.to contain_apache__mod('proxy_balancer') } it { is_expected.not_to contain_file('proxy_balancer.conf') } it { is_expected.not_to contain_file('proxy_balancer.conf symlink') } end end context "default configuration with custom parameters $manager => true, $allow_from => ['10.10.10.10','11.11.11.11'], $status_path => '/custom-manager' on a Debian OS" do let :facts do { osfamily: 'Debian', operatingsystemrelease: '8', lsbdistcodename: 'jessie', operatingsystem: 'Debian', id: 'root', kernel: 'Linux', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', is_pe: false, } end let :params do { manager: true, allow_from: ['10.10.10.10', '11.11.11.11'], manager_path: '/custom-manager', } end balancer_manager_conf_spec(['10.10.10.10', '11.11.11.11'], '/custom-manager') end end diff --git a/spec/classes/mod/proxy_connect_spec.rb b/spec/classes/mod/proxy_connect_spec.rb index 0f39a05b..b9fc082e 100644 --- a/spec/classes/mod/proxy_connect_spec.rb +++ b/spec/classes/mod/proxy_connect_spec.rb @@ -1,63 +1,65 @@ +# frozen_string_literal: true + require 'spec_helper' describe 'apache::mod::proxy_connect', type: :class do let :pre_condition do [ 'include apache::mod::proxy', ] end it_behaves_like 'a mod class, without including apache' context 'on a Debian OS' do let :facts do { osfamily: 'Debian', operatingsystem: 'Debian', id: 'root', kernel: 'Linux', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', is_pe: false, } end context 'with Apache version < 2.2' do let :facts do super().merge(operatingsystemrelease: '7.0', lsbdistcodename: 'wheezy') end let :params do { apache_version: '2.1', } end it { is_expected.not_to contain_apache__mod('proxy_connect') } end context 'with Apache version = 2.2' do let :facts do super().merge(operatingsystemrelease: '7.0', lsbdistcodename: 'wheezy') end let :params do { apache_version: '2.2', } end it { is_expected.to contain_apache__mod('proxy_connect') } end context 'with Apache version >= 2.4' do let :facts do super().merge(operatingsystemrelease: '8.0', lsbdistcodename: 'jessie') end let :params do { apache_version: '2.4', } end it { is_expected.to contain_apache__mod('proxy_connect') } end end end diff --git a/spec/classes/mod/proxy_html_spec.rb b/spec/classes/mod/proxy_html_spec.rb index b8944ad0..c305aa31 100644 --- a/spec/classes/mod/proxy_html_spec.rb +++ b/spec/classes/mod/proxy_html_spec.rb @@ -1,108 +1,110 @@ +# frozen_string_literal: true + require 'spec_helper' describe 'apache::mod::proxy_html', type: :class do let :pre_condition do [ 'include apache::mod::proxy', 'include apache::mod::proxy_http', ] end it_behaves_like 'a mod class, without including apache' context 'on a Debian OS' do shared_examples 'debian' do |loadfiles| it { is_expected.to contain_class('apache::params') } it { is_expected.to contain_apache__mod('proxy_html').with(loadfiles: loadfiles) } it { is_expected.to contain_package('libapache2-mod-proxy-html') } end let :facts do { osfamily: 'Debian', architecture: 'i386', lsbdistcodename: 'jessie', operatingsystem: 'Debian', id: 'root', kernel: 'Linux', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', hardwaremodel: 'i386', is_pe: false, } end context 'on jessie i386' do let(:facts) do super().merge(operatingsystemrelease: '8', hardwaremodel: 'i686', architecture: 'i386') end it { is_expected.to contain_apache__mod('xml2enc').with(loadfiles: nil) } it_behaves_like 'debian', ['/usr/lib/i386-linux-gnu/libxml2.so.2'] end context 'on jessie x64' do let(:facts) do super().merge(operatingsystemrelease: '8', hardwaremodel: 'x86_64', architecture: 'amd64') end it { is_expected.to contain_apache__mod('xml2enc').with(loadfiles: nil) } it_behaves_like 'debian', ['/usr/lib/x86_64-linux-gnu/libxml2.so.2'] end end context 'on a RedHat OS', :compile do let :facts do { osfamily: 'RedHat', operatingsystemrelease: '6', operatingsystem: 'RedHat', id: 'root', kernel: 'Linux', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', is_pe: false, } end it { is_expected.to contain_class('apache::params') } it { is_expected.to contain_apache__mod('proxy_html').with(loadfiles: nil) } it { is_expected.to contain_package('mod_proxy_html') } it { is_expected.to contain_apache__mod('xml2enc').with(loadfiles: nil) } end context 'on a FreeBSD OS', :compile do let :facts do { osfamily: 'FreeBSD', operatingsystemrelease: '9', operatingsystem: 'FreeBSD', id: 'root', kernel: 'FreeBSD', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', is_pe: false, } end it { is_expected.to contain_class('apache::params') } it { is_expected.to contain_apache__mod('proxy_html').with(loadfiles: nil) } it { is_expected.to contain_apache__mod('xml2enc').with(loadfiles: nil) } it { is_expected.to contain_package('www/mod_proxy_html') } end context 'on a Gentoo OS', :compile do let :facts do { osfamily: 'Gentoo', operatingsystem: 'Gentoo', operatingsystemrelease: '3.16.1-gentoo', id: 'root', kernel: 'Linux', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/bin', is_pe: false, } end it { is_expected.to contain_class('apache::params') } it { is_expected.to contain_apache__mod('proxy_html').with(loadfiles: nil) } it { is_expected.to contain_apache__mod('xml2enc').with(loadfiles: nil) } it { is_expected.to contain_package('www-apache/mod_proxy_html') } end end diff --git a/spec/classes/mod/proxy_wstunnel.rb b/spec/classes/mod/proxy_wstunnel.rb index e332d94f..4626d539 100644 --- a/spec/classes/mod/proxy_wstunnel.rb +++ b/spec/classes/mod/proxy_wstunnel.rb @@ -1,5 +1,7 @@ +# frozen_string_literal: true + require 'spec_helper' describe 'apache::mod::proxy_wstunnel', type: :class do it_behaves_like 'a mod class, without including apache' end diff --git a/spec/classes/mod/python_spec.rb b/spec/classes/mod/python_spec.rb index 21e4e427..a433deb0 100644 --- a/spec/classes/mod/python_spec.rb +++ b/spec/classes/mod/python_spec.rb @@ -1,84 +1,86 @@ +# frozen_string_literal: true + require 'spec_helper' describe 'apache::mod::python', type: :class do it_behaves_like 'a mod class, without including apache' context 'on a Debian OS' do let :facts do { osfamily: 'Debian', operatingsystemrelease: '8', lsbdistcodename: 'jessie', operatingsystem: 'Debian', id: 'root', kernel: 'Linux', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', is_pe: false, } end it { is_expected.to contain_class('apache::params') } it { is_expected.to contain_apache__mod('python') } it { is_expected.to contain_package('libapache2-mod-python') } end context 'on a RedHat OS' do let :facts do { osfamily: 'RedHat', operatingsystemrelease: '6', operatingsystem: 'RedHat', id: 'root', kernel: 'Linux', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', is_pe: false, } end it { is_expected.to contain_class('apache::params') } it { is_expected.to contain_apache__mod('python') } it { is_expected.to contain_package('mod_python') } it { is_expected.to contain_file('python.load').with_path('/etc/httpd/conf.d/python.load') } describe 'with loadfile_name specified' do let :params do { loadfile_name: 'FooBar' } end it { is_expected.to contain_file('FooBar').with_path('/etc/httpd/conf.d/FooBar') } end end context 'on a FreeBSD OS' do let :facts do { osfamily: 'FreeBSD', operatingsystemrelease: '9', operatingsystem: 'FreeBSD', id: 'root', kernel: 'FreeBSD', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', is_pe: false, } end it { is_expected.to contain_class('apache::params') } it { is_expected.to contain_apache__mod('python') } it { is_expected.to contain_package('www/mod_python3') } end context 'on a Gentoo OS' do let :facts do { osfamily: 'Gentoo', operatingsystem: 'Gentoo', operatingsystemrelease: '3.16.1-gentoo', id: 'root', kernel: 'Linux', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/bin', is_pe: false, } end it { is_expected.to contain_class('apache::params') } it { is_expected.to contain_apache__mod('python') } it { is_expected.to contain_package('www-apache/mod_python') } end end diff --git a/spec/classes/mod/remoteip_spec.rb b/spec/classes/mod/remoteip_spec.rb index bb5215ab..d9cc055e 100644 --- a/spec/classes/mod/remoteip_spec.rb +++ b/spec/classes/mod/remoteip_spec.rb @@ -1,123 +1,125 @@ +# frozen_string_literal: true + require 'spec_helper' describe 'apache::mod::remoteip', type: :class do context 'on a Debian OS' do let :facts do { osfamily: 'Debian', operatingsystemrelease: '8', lsbdistcodename: 'jessie', operatingsystem: 'Debian', id: 'root', kernel: 'Linux', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', } end let :params do { apache_version: '2.4' } end it { is_expected.to contain_class('apache::params') } it { is_expected.to contain_apache__mod('remoteip') } it { is_expected.to contain_file('remoteip.conf').with('path' => '/etc/apache2/mods-available/remoteip.conf') } describe 'with header X-Forwarded-For' do let :params do { header: 'X-Forwarded-For' } end it { is_expected.to contain_file('remoteip.conf').with_content(%r{^RemoteIPHeader X-Forwarded-For$}) } end describe 'with internal_proxy => [ 10.42.17.8, 10.42.18.99 ]' do let :params do { internal_proxy: ['10.42.17.8', '10.42.18.99'] } end it { is_expected.to contain_file('remoteip.conf').with_content(%r{^RemoteIPInternalProxy 10.42.17.8$}) } it { is_expected.to contain_file('remoteip.conf').with_content(%r{^RemoteIPInternalProxy 10.42.18.99$}) } end describe 'with IPv4 CIDR in internal_proxy => [ 192.168.1.0/24 ]' do let :params do { internal_proxy: ['192.168.1.0/24'] } end it { is_expected.to contain_file('remoteip.conf').with_content(%r{^RemoteIPInternalProxy 192.168.1.0/24$}) } end describe 'with IPv6 CIDR in internal_proxy => [ fd00:fd00:fd00:2000::/64 ]' do let :params do { internal_proxy: ['fd00:fd00:fd00:2000::/64'] } end it { is_expected.to contain_file('remoteip.conf').with_content(%r{^RemoteIPInternalProxy fd00:fd00:fd00:2000::/64$}) } end describe 'with proxy_ips => [ 10.42.17.8, 10.42.18.99 ]' do let :params do { proxy_ips: ['10.42.17.8', '10.42.18.99'] } end it { is_expected.to contain_file('remoteip.conf').with_content(%r{^RemoteIPInternalProxy 10.42.17.8$}) } it { is_expected.to contain_file('remoteip.conf').with_content(%r{^RemoteIPInternalProxy 10.42.18.99$}) } end describe 'with IPv4 CIDR in proxy_ips => [ 192.168.1.0/24 ]' do let :params do { proxy_ips: ['192.168.1.0/24'] } end it { is_expected.to contain_file('remoteip.conf').with_content(%r{^RemoteIPInternalProxy 192.168.1.0/24$}) } end describe 'with IPv6 CIDR in proxy_ips => [ fd00:fd00:fd00:2000::/64 ]' do let :params do { proxy_ips: ['fd00:fd00:fd00:2000::/64'] } end it { is_expected.to contain_file('remoteip.conf').with_content(%r{^RemoteIPInternalProxy fd00:fd00:fd00:2000::/64$}) } end describe 'with trusted_proxy => [ 10.42.17.8, 10.42.18.99 ]' do let :params do { trusted_proxy: ['10.42.17.8', '10.42.18.99'] } end it { is_expected.to contain_file('remoteip.conf').with_content(%r{^RemoteIPTrustedProxy 10.42.17.8$}) } it { is_expected.to contain_file('remoteip.conf').with_content(%r{^RemoteIPTrustedProxy 10.42.18.99$}) } end describe 'with trusted_proxy_ips => [ 10.42.17.8, 10.42.18.99 ]' do let :params do { trusted_proxy: ['10.42.17.8', '10.42.18.99'] } end it { is_expected.to contain_file('remoteip.conf').with_content(%r{^RemoteIPTrustedProxy 10.42.17.8$}) } it { is_expected.to contain_file('remoteip.conf').with_content(%r{^RemoteIPTrustedProxy 10.42.18.99$}) } end describe 'with proxy_protocol_exceptions => [ 10.42.17.8, 10.42.18.99 ]' do let :params do { proxy_protocol_exceptions: ['10.42.17.8', '10.42.18.99'] } end it { is_expected.to contain_file('remoteip.conf').with_content(%r{^RemoteIPProxyProtocolExceptions 10.42.17.8$}) } it { is_expected.to contain_file('remoteip.conf').with_content(%r{^RemoteIPProxyProtocolExceptions 10.42.18.99$}) } end describe 'with IPv4 CIDR in proxy_protocol_exceptions => [ 192.168.1.0/24 ]' do let :params do { proxy_protocol_exceptions: ['192.168.1.0/24'] } end it { is_expected.to contain_file('remoteip.conf').with_content(%r{^RemoteIPProxyProtocolExceptions 192.168.1.0/24$}) } end describe 'with IPv6 CIDR in proxy_protocol_exceptions => [ fd00:fd00:fd00:2000::/64 ]' do let :params do { proxy_protocol_exceptions: ['fd00:fd00:fd00:2000::/64'] } end it { is_expected.to contain_file('remoteip.conf').with_content(%r{^RemoteIPProxyProtocolExceptions fd00:fd00:fd00:2000::/64$}) } end describe 'with Apache version < 2.4' do let :params do { apache_version: '2.2' } end it { expect { catalogue }.to raise_error(Puppet::Error, %r{mod_remoteip is only available in Apache 2.4}) } end end end diff --git a/spec/classes/mod/reqtimeout_spec.rb b/spec/classes/mod/reqtimeout_spec.rb index d86ed20b..6dca3cb2 100644 --- a/spec/classes/mod/reqtimeout_spec.rb +++ b/spec/classes/mod/reqtimeout_spec.rb @@ -1,154 +1,156 @@ +# frozen_string_literal: true + require 'spec_helper' describe 'apache::mod::reqtimeout', type: :class do it_behaves_like 'a mod class, without including apache' context 'on a Debian OS' do let :facts do { osfamily: 'Debian', operatingsystemrelease: '8', operatingsystem: 'Debian', id: 'root', kernel: 'Linux', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', lsbdistcodename: 'jessie', is_pe: false, } end context 'passing no parameters' do it { is_expected.to contain_class('apache::params') } it { is_expected.to contain_apache__mod('reqtimeout') } it { is_expected.to contain_file('reqtimeout.conf').with_content(%r{^RequestReadTimeout header=20-40,minrate=500\nRequestReadTimeout body=10,minrate=500$}) } end context "passing timeouts => ['header=20-60,minrate=600', 'body=60,minrate=600']" do let :params do { timeouts: ['header=20-60,minrate=600', 'body=60,minrate=600'] } end it { is_expected.to contain_class('apache::params') } it { is_expected.to contain_apache__mod('reqtimeout') } it { is_expected.to contain_file('reqtimeout.conf').with_content(%r{^RequestReadTimeout header=20-60,minrate=600\nRequestReadTimeout body=60,minrate=600$}) } end context "passing timeouts => 'header=20-60,minrate=600'" do let :params do { timeouts: 'header=20-60,minrate=600' } end it { is_expected.to contain_class('apache::params') } it { is_expected.to contain_apache__mod('reqtimeout') } it { is_expected.to contain_file('reqtimeout.conf').with_content(%r{^RequestReadTimeout header=20-60,minrate=600$}) } end end context 'on a RedHat OS' do let :facts do { osfamily: 'RedHat', operatingsystemrelease: '6', operatingsystem: 'Redhat', id: 'root', kernel: 'Linux', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', is_pe: false, } end context 'passing no parameters' do it { is_expected.to contain_class('apache::params') } it { is_expected.to contain_apache__mod('reqtimeout') } it { is_expected.to contain_file('reqtimeout.conf').with_content(%r{^RequestReadTimeout header=20-40,minrate=500\nRequestReadTimeout body=10,minrate=500$}) } end context "passing timeouts => ['header=20-60,minrate=600', 'body=60,minrate=600']" do let :params do { timeouts: ['header=20-60,minrate=600', 'body=60,minrate=600'] } end it { is_expected.to contain_class('apache::params') } it { is_expected.to contain_apache__mod('reqtimeout') } it { is_expected.to contain_file('reqtimeout.conf').with_content(%r{^RequestReadTimeout header=20-60,minrate=600\nRequestReadTimeout body=60,minrate=600$}) } end context "passing timeouts => 'header=20-60,minrate=600'" do let :params do { timeouts: 'header=20-60,minrate=600' } end it { is_expected.to contain_class('apache::params') } it { is_expected.to contain_apache__mod('reqtimeout') } it { is_expected.to contain_file('reqtimeout.conf').with_content(%r{^RequestReadTimeout header=20-60,minrate=600$}) } end end context 'on a FreeBSD OS' do let :facts do { osfamily: 'FreeBSD', operatingsystemrelease: '9', operatingsystem: 'FreeBSD', id: 'root', kernel: 'FreeBSD', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', is_pe: false, } end context 'passing no parameters' do it { is_expected.to contain_class('apache::params') } it { is_expected.to contain_apache__mod('reqtimeout') } it { is_expected.to contain_file('reqtimeout.conf').with_content(%r{^RequestReadTimeout header=20-40,minrate=500\nRequestReadTimeout body=10,minrate=500$}) } end context "passing timeouts => ['header=20-60,minrate=600', 'body=60,minrate=600']" do let :params do { timeouts: ['header=20-60,minrate=600', 'body=60,minrate=600'] } end it { is_expected.to contain_class('apache::params') } it { is_expected.to contain_apache__mod('reqtimeout') } it { is_expected.to contain_file('reqtimeout.conf').with_content(%r{^RequestReadTimeout header=20-60,minrate=600\nRequestReadTimeout body=60,minrate=600$}) } end context "passing timeouts => 'header=20-60,minrate=600'" do let :params do { timeouts: 'header=20-60,minrate=600' } end it { is_expected.to contain_class('apache::params') } it { is_expected.to contain_apache__mod('reqtimeout') } it { is_expected.to contain_file('reqtimeout.conf').with_content(%r{^RequestReadTimeout header=20-60,minrate=600$}) } end end context 'on a Gentoo OS' do let :facts do { osfamily: 'Gentoo', operatingsystem: 'Gentoo', operatingsystemrelease: '3.16.1-gentoo', id: 'root', kernel: 'Linux', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/bin', is_pe: false, } end context 'passing no parameters' do it { is_expected.to contain_class('apache::params') } it { is_expected.to contain_apache__mod('reqtimeout') } it { is_expected.to contain_file('reqtimeout.conf').with_content(%r{^RequestReadTimeout header=20-40,minrate=500\nRequestReadTimeout body=10,minrate=500$}) } end context "passing timeouts => ['header=20-60,minrate=600', 'body=60,minrate=600']" do let :params do { timeouts: ['header=20-60,minrate=600', 'body=60,minrate=600'] } end it { is_expected.to contain_class('apache::params') } it { is_expected.to contain_apache__mod('reqtimeout') } it { is_expected.to contain_file('reqtimeout.conf').with_content(%r{^RequestReadTimeout header=20-60,minrate=600\nRequestReadTimeout body=60,minrate=600$}) } end context "passing timeouts => 'header=20-60,minrate=600'" do let :params do { timeouts: 'header=20-60,minrate=600' } end it { is_expected.to contain_class('apache::params') } it { is_expected.to contain_apache__mod('reqtimeout') } it { is_expected.to contain_file('reqtimeout.conf').with_content(%r{^RequestReadTimeout header=20-60,minrate=600$}) } end end end diff --git a/spec/classes/mod/rpaf_spec.rb b/spec/classes/mod/rpaf_spec.rb index eb389baa..a36af731 100644 --- a/spec/classes/mod/rpaf_spec.rb +++ b/spec/classes/mod/rpaf_spec.rb @@ -1,135 +1,137 @@ +# frozen_string_literal: true + require 'spec_helper' describe 'apache::mod::rpaf', type: :class do it_behaves_like 'a mod class, without including apache' context 'on a Debian OS' do let :facts do { osfamily: 'Debian', operatingsystemrelease: '8', lsbdistcodename: 'jessie', operatingsystem: 'Debian', id: 'root', kernel: 'Linux', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', is_pe: false, } end it { is_expected.to contain_class('apache::params') } it { is_expected.to contain_apache__mod('rpaf') } it { is_expected.to contain_package('libapache2-mod-rpaf') } it { is_expected.to contain_file('rpaf.conf').with('path' => '/etc/apache2/mods-available/rpaf.conf') } it { is_expected.to contain_file('rpaf.conf').with_content(%r{^RPAFenable On$}) } describe 'with sethostname => true' do let :params do { sethostname: 'true' } end it { is_expected.to contain_file('rpaf.conf').with_content(%r{^RPAFsethostname On$}) } end describe 'with proxy_ips => [ 10.42.17.8, 10.42.18.99 ]' do let :params do { proxy_ips: ['10.42.17.8', '10.42.18.99'] } end it { is_expected.to contain_file('rpaf.conf').with_content(%r{^RPAFproxy_ips 10.42.17.8 10.42.18.99$}) } end describe 'with header => X-Real-IP' do let :params do { header: 'X-Real-IP' } end it { is_expected.to contain_file('rpaf.conf').with_content(%r{^RPAFheader X-Real-IP$}) } end end context 'on a FreeBSD OS' do let :facts do { osfamily: 'FreeBSD', operatingsystemrelease: '9', operatingsystem: 'FreeBSD', id: 'root', kernel: 'FreeBSD', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', is_pe: false, } end it { is_expected.to contain_class('apache::params') } it { is_expected.to contain_apache__mod('rpaf') } it { is_expected.to contain_package('www/mod_rpaf2') } it { is_expected.to contain_file('rpaf.conf').with('path' => '/usr/local/etc/apache24/Modules/rpaf.conf') } it { is_expected.to contain_file('rpaf.conf').with_content(%r{^RPAFenable On$}) } describe 'with sethostname => true' do let :params do { sethostname: 'true' } end it { is_expected.to contain_file('rpaf.conf').with_content(%r{^RPAFsethostname On$}) } end describe 'with proxy_ips => [ 10.42.17.8, 10.42.18.99 ]' do let :params do { proxy_ips: ['10.42.17.8', '10.42.18.99'] } end it { is_expected.to contain_file('rpaf.conf').with_content(%r{^RPAFproxy_ips 10.42.17.8 10.42.18.99$}) } end describe 'with header => X-Real-IP' do let :params do { header: 'X-Real-IP' } end it { is_expected.to contain_file('rpaf.conf').with_content(%r{^RPAFheader X-Real-IP$}) } end end context 'on a Gentoo OS' do let :facts do { osfamily: 'Gentoo', operatingsystem: 'Gentoo', operatingsystemrelease: '3.16.1-gentoo', id: 'root', kernel: 'Linux', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/bin', is_pe: false, } end it { is_expected.to contain_class('apache::params') } it { is_expected.to contain_apache__mod('rpaf') } it { is_expected.to contain_package('www-apache/mod_rpaf') } it { is_expected.to contain_file('rpaf.conf').with('path' => '/etc/apache2/modules.d/rpaf.conf') } it { is_expected.to contain_file('rpaf.conf').with_content(%r{^RPAFenable On$}) } describe 'with sethostname => true' do let :params do { sethostname: 'true' } end it { is_expected.to contain_file('rpaf.conf').with_content(%r{^RPAFsethostname On$}) } end describe 'with proxy_ips => [ 10.42.17.8, 10.42.18.99 ]' do let :params do { proxy_ips: ['10.42.17.8', '10.42.18.99'] } end it { is_expected.to contain_file('rpaf.conf').with_content(%r{^RPAFproxy_ips 10.42.17.8 10.42.18.99$}) } end describe 'with header => X-Real-IP' do let :params do { header: 'X-Real-IP' } end it { is_expected.to contain_file('rpaf.conf').with_content(%r{^RPAFheader X-Real-IP$}) } end end end diff --git a/spec/classes/mod/security_spec.rb b/spec/classes/mod/security_spec.rb index f9967f6d..50e9986a 100644 --- a/spec/classes/mod/security_spec.rb +++ b/spec/classes/mod/security_spec.rb @@ -1,213 +1,210 @@ +# frozen_string_literal: true require 'spec_helper' describe 'apache::mod::security', type: :class do on_supported_os.each do |os, facts| context "on #{os} " do let :facts do facts end case facts[:os]['family'] when 'RedHat' context 'on RedHat based systems' do it { is_expected.to contain_apache__mod('security').with( id: 'security2_module', lib: 'mod_security2.so', ) } it { is_expected.to contain_apache__mod('unique_id_module').with( id: 'unique_id_module', lib: 'mod_unique_id.so', ) } + it { is_expected.to contain_package('mod_security_crs') } - if facts[:os]['release']['major'].to_i > 6 && facts[:os]['release']['major'].to_i <= 7 - it { - is_expected.to contain_file('security.conf').with( - path: '/etc/httpd/conf.modules.d/security.conf', - ) - } - end - if facts[:os]['release']['major'].to_i >= 8 + + if (facts[:os]['release']['major'].to_i > 6 && facts[:os]['release']['major'].to_i <= 7) || (facts[:os]['release']['major'].to_i >= 8) it { is_expected.to contain_file('security.conf').with( path: '/etc/httpd/conf.modules.d/security.conf', ) } end + it { is_expected.to contain_file('security.conf') .with_content(%r{^\s+SecAuditLogRelevantStatus "\^\(\?:5\|4\(\?!04\)\)"$}) .with_content(%r{^\s+SecAuditLogParts ABIJDEFHZ$}) .with_content(%r{^\s+SecAuditLogType Serial$}) .with_content(%r{^\s+SecDebugLog /var/log/httpd/modsec_debug.log$}) .with_content(%r{^\s+SecAuditLog /var/log/httpd/modsec_audit.log$}) } it { is_expected.to contain_file('/etc/httpd/modsecurity.d').with( ensure: 'directory', path: '/etc/httpd/modsecurity.d', owner: 'root', group: 'root', mode: '0755' ) } it { is_expected.to contain_file('/etc/httpd/modsecurity.d/activated_rules').with( ensure: 'directory', path: '/etc/httpd/modsecurity.d/activated_rules', owner: 'apache', group: 'apache' ) } it { is_expected.to contain_file('/etc/httpd/modsecurity.d/security_crs.conf').with( path: '/etc/httpd/modsecurity.d/security_crs.conf', ) } it { is_expected.to contain_apache__security__rule_link('base_rules/modsecurity_35_bad_robots.data') } it { is_expected.to contain_file('modsecurity_35_bad_robots.data').with( path: '/etc/httpd/modsecurity.d/activated_rules/modsecurity_35_bad_robots.data', target: '/usr/lib/modsecurity.d/base_rules/modsecurity_35_bad_robots.data', ) } describe 'with parameters' do let :params do { activated_rules: [ '/tmp/foo/bar.conf', ], audit_log_relevant_status: '^(?:5|4(?!01|04))', audit_log_parts: 'ABCDZ', audit_log_type: 'Concurrent', audit_log_storage_dir: '/var/log/httpd/audit', secdefaultaction: 'deny,status:406,nolog,auditlog', } end it { is_expected.to contain_file('security.conf').with_content %r{^\s+SecAuditLogRelevantStatus "\^\(\?:5\|4\(\?!01\|04\)\)"$} } it { is_expected.to contain_file('security.conf').with_content %r{^\s+SecAuditLogParts ABCDZ$} } it { is_expected.to contain_file('security.conf').with_content %r{^\s+SecAuditLogType Concurrent$} } it { is_expected.to contain_file('security.conf').with_content %r{^\s+SecAuditLogStorageDir /var/log/httpd/audit$} } it { is_expected.to contain_file('/etc/httpd/modsecurity.d/security_crs.conf').with_content %r{^\s*SecDefaultAction "phase:2,deny,status:406,nolog,auditlog"$} } it { is_expected.to contain_file('bar.conf').with( path: '/etc/httpd/modsecurity.d/activated_rules/bar.conf', target: '/tmp/foo/bar.conf', ) } end describe 'with other modsec parameters' do let :params do { manage_security_crs: false, } end it { is_expected.not_to contain_file('/etc/httpd/modsecurity.d/security_crs.conf') } end end when 'Debian' context 'on Debian based systems' do it { is_expected.to contain_apache__mod('security').with( id: 'security2_module', lib: 'mod_security2.so', ) } it { is_expected.to contain_apache__mod('unique_id_module').with( id: 'unique_id_module', lib: 'mod_unique_id.so', ) } it { is_expected.to contain_package('modsecurity-crs') } it { is_expected.to contain_file('security.conf').with( path: '/etc/apache2/mods-available/security.conf', ) } it { is_expected.to contain_file('security.conf') .with_content(%r{^\s+SecAuditLogRelevantStatus "\^\(\?:5\|4\(\?!04\)\)"$}) .with_content(%r{^\s+SecAuditLogParts ABIJDEFHZ$}) .with_content(%r{^\s+SecAuditLogType Serial$}) .with_content(%r{^\s+SecDebugLog /var/log/apache2/modsec_debug.log$}) .with_content(%r{^\s+SecAuditLog /var/log/apache2/modsec_audit.log$}) } it { is_expected.to contain_file('/etc/modsecurity').with( ensure: 'directory', path: '/etc/modsecurity', owner: 'root', group: 'root', mode: '0755' ) } it { is_expected.to contain_file('/etc/modsecurity/activated_rules').with( ensure: 'directory', path: '/etc/modsecurity/activated_rules', owner: 'www-data', group: 'www-data' ) } it { is_expected.to contain_file('/etc/modsecurity/security_crs.conf').with( path: '/etc/modsecurity/security_crs.conf', ) } if (facts[:os]['release']['major'].to_i < 18 && facts[:os]['name'] == 'Ubuntu') || (facts[:os]['release']['major'].to_i < 9 && facts[:os]['name'] == 'Debian') it { is_expected.to contain_apache__security__rule_link('base_rules/modsecurity_35_bad_robots.data') } it { is_expected.to contain_file('modsecurity_35_bad_robots.data').with( path: '/etc/modsecurity/activated_rules/modsecurity_35_bad_robots.data', target: '/usr/share/modsecurity-crs/base_rules/modsecurity_35_bad_robots.data', ) } end describe 'with parameters' do let :params do { activated_rules: [ '/tmp/foo/bar.conf', ], audit_log_relevant_status: '^(?:5|4(?!01|04))', audit_log_parts: 'ABCDZ', audit_log_type: 'Concurrent', audit_log_storage_dir: '/var/log/httpd/audit', secdefaultaction: 'deny,status:406,nolog,auditlog', } end if (facts[:os]['release']['major'].to_i < 18 && facts[:os]['name'] == 'Ubuntu') || (facts[:os]['release']['major'].to_i < 9 && facts[:os]['name'] == 'Debian') it { is_expected.to contain_file('security.conf').with_content %r{^\s+SecAuditLogRelevantStatus "\^\(\?:5\|4\(\?!01\|04\)\)"$} } it { is_expected.to contain_file('security.conf').with_content %r{^\s+SecAuditLogParts ABCDZ$} } it { is_expected.to contain_file('security.conf').with_content %r{^\s+SecAuditLogStorageDir /var/log/httpd/audit$} } it { is_expected.to contain_file('/etc/modsecurity/security_crs.conf').with_content %r{^\s*SecDefaultAction "phase:2,deny,status:406,nolog,auditlog"$} } it { is_expected.to contain_file('bar.conf').with( path: '/etc/modsecurity/activated_rules/bar.conf', target: '/tmp/foo/bar.conf', ) } end end describe 'with mod security version' do let :params do { version: 2, } end it { is_expected.to contain_apache__mod('security2') } it { is_expected.to contain_file('security.conf').with( path: '/etc/apache2/mods-available/security2.conf', ) } end end end end end end diff --git a/spec/classes/mod/shib_spec.rb b/spec/classes/mod/shib_spec.rb index ec9706ca..a6bbe46b 100644 --- a/spec/classes/mod/shib_spec.rb +++ b/spec/classes/mod/shib_spec.rb @@ -1,42 +1,44 @@ +# frozen_string_literal: true + require 'spec_helper' describe 'apache::mod::shib', type: :class do it_behaves_like 'a mod class, without including apache' context 'on a Debian OS' do let :facts do { osfamily: 'Debian', operatingsystemrelease: '8', lsbdistcodename: 'jessie', operatingsystem: 'Debian', id: 'root', kernel: 'Linux', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', fqdn: 'test.example.com', is_pe: false, } end describe 'with no parameters' do it { is_expected.to contain_apache__mod('shib2').with_id('mod_shib') } end end context 'on a RedHat OS' do let :facts do { osfamily: 'RedHat', operatingsystemrelease: '6', operatingsystem: 'RedHat', id: 'root', kernel: 'Linux', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', fqdn: 'test.example.com', is_pe: false, } end describe 'with no parameters' do it { is_expected.to contain_apache__mod('shib2').with_id('mod_shib') } end end end diff --git a/spec/classes/mod/speling_spec.rb b/spec/classes/mod/speling_spec.rb index 1824c724..f4a34e3f 100644 --- a/spec/classes/mod/speling_spec.rb +++ b/spec/classes/mod/speling_spec.rb @@ -1,37 +1,39 @@ +# frozen_string_literal: true + require 'spec_helper' describe 'apache::mod::speling', type: :class do it_behaves_like 'a mod class, without including apache' context 'on a Debian OS' do let :facts do { osfamily: 'Debian', operatingsystemrelease: '8', lsbdistcodename: 'jessie', operatingsystem: 'Debian', id: 'root', kernel: 'Linux', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', is_pe: false, } end it { is_expected.to contain_apache__mod('speling') } end context 'on a RedHat OS' do let :facts do { osfamily: 'RedHat', operatingsystemrelease: '6', operatingsystem: 'RedHat', id: 'root', kernel: 'Linux', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', is_pe: false, } end it { is_expected.to contain_apache__mod('speling') } end end diff --git a/spec/classes/mod/ssl_spec.rb b/spec/classes/mod/ssl_spec.rb index 33b00c4f..48f4683f 100644 --- a/spec/classes/mod/ssl_spec.rb +++ b/spec/classes/mod/ssl_spec.rb @@ -1,388 +1,390 @@ +# frozen_string_literal: true + require 'spec_helper' describe 'apache::mod::ssl', type: :class do it_behaves_like 'a mod class, without including apache' context 'on an unsupported OS' do let :facts do { osfamily: 'Magic', operatingsystemrelease: '0', operatingsystem: 'Magic', id: 'root', kernel: 'Linux', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', is_pe: false, } end it { expect { catalogue }.to raise_error(Puppet::Error, %r{Unsupported osfamily:}) } end context 'on a RedHat' do context '6 OS' do let :facts do { osfamily: 'RedHat', operatingsystemrelease: '6', operatingsystem: 'RedHat', id: 'root', kernel: 'Linux', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', is_pe: false, } end it { is_expected.to contain_class('apache::params') } it { is_expected.to contain_apache__mod('ssl') } it { is_expected.to contain_package('mod_ssl') } it { is_expected.to contain_file('ssl.conf').with_path('/etc/httpd/conf.d/ssl.conf') } it { is_expected.to contain_file('ssl.conf').with_content(%r{SSLProtocol all -SSLv2 -SSLv3}) } end context '8 OS' do let :facts do { osfamily: 'RedHat', operatingsystemrelease: '8', operatingsystem: 'RedHat', id: 'root', kernel: 'Linux', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', is_pe: false, } end it { is_expected.to contain_class('apache::params') } it { is_expected.to contain_apache__mod('ssl') } it { is_expected.to contain_package('mod_ssl') } it { is_expected.to contain_file('ssl.conf').with_path('/etc/httpd/conf.modules.d/ssl.conf') } it { is_expected.to contain_file('ssl.conf').with_content(%r{SSLProtocol all}) } end context '6 OS with a custom package_name parameter' do let :facts do { osfamily: 'RedHat', operatingsystemrelease: '6', operatingsystem: 'RedHat', id: 'root', kernel: 'Linux', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', is_pe: false, } end let :params do { package_name: 'httpd24-mod_ssl' } end it { is_expected.to contain_class('apache::params') } it { is_expected.to contain_apache__mod('ssl') } it { is_expected.to contain_package('httpd24-mod_ssl') } it { is_expected.not_to contain_package('mod_ssl') } it { is_expected.to contain_file('ssl.conf').with_content(%r{^ SSLSessionCache "shmcb:/var/cache/mod_ssl/scache\(512000\)"$}) } end context '7 OS with custom directories for PR#1635' do let :facts do { osfamily: 'RedHat', operatingsystemrelease: '7', operatingsystem: 'RedHat', id: 'root', kernel: 'Linux', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', is_pe: false, } end let :pre_condition do "class { 'apache': confd_dir => '/etc/httpd/conf.puppet.d', default_mods => false, default_vhost => false, mod_dir => '/etc/httpd/conf.modules.puppet.d', vhost_dir => '/etc/httpd/conf.puppet.d', }" end it { is_expected.to contain_package('mod_ssl') } it { is_expected.to contain_file('ssl.conf').with_path('/etc/httpd/conf.puppet.d/ssl.conf') } end end context 'on a Debian OS' do let :facts do { osfamily: 'Debian', operatingsystemrelease: '8', lsbdistcodename: 'jessie', operatingsystem: 'Debian', id: 'root', kernel: 'Linux', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', is_pe: false, } end it { is_expected.to contain_class('apache::params') } it { is_expected.to contain_apache__mod('ssl') } it { is_expected.not_to contain_package('libapache2-mod-ssl') } it { is_expected.to contain_file('ssl.conf').with_content(%r{SSLProtocol all -SSLv2 -SSLv3}) } end context 'on a FreeBSD OS' do let :facts do { osfamily: 'FreeBSD', operatingsystemrelease: '9', operatingsystem: 'FreeBSD', id: 'root', kernel: 'FreeBSD', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', is_pe: false, } end it { is_expected.to contain_class('apache::params') } it { is_expected.to contain_apache__mod('ssl') } end context 'on a Gentoo OS' do let :facts do { osfamily: 'Gentoo', operatingsystem: 'Gentoo', operatingsystemrelease: '3.16.1-gentoo', id: 'root', kernel: 'Linux', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/bin', is_pe: false, } end it { is_expected.to contain_class('apache::params') } it { is_expected.to contain_apache__mod('ssl') } it { is_expected.to contain_file('ssl.conf').with_content(%r{^ SSLSessionCache "shmcb:/var/run/ssl_scache\(512000\)"$}) } end context 'on a Suse OS' do let :facts do { osfamily: 'Suse', operatingsystem: 'SLES', operatingsystemrelease: '12', id: 'root', kernel: 'Linux', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/bin', is_pe: false, } end it { is_expected.to contain_class('apache::params') } it { is_expected.to contain_apache__mod('ssl') } it { is_expected.to contain_file('ssl.conf').with_content(%r{^ SSLSessionCache "shmcb:/var/lib/apache2/ssl_scache\(512000\)"$}) } end # Template config doesn't vary by distro context 'on all distros' do let :facts do { osfamily: 'RedHat', operatingsystem: 'CentOS', operatingsystemrelease: '6', kernel: 'Linux', id: 'root', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', is_pe: false, } end context 'not setting ssl_pass_phrase_dialog' do it { is_expected.to contain_file('ssl.conf').with_content(%r{^ SSLPassPhraseDialog builtin$}) } end context 'setting ssl_cert' do let :params do { ssl_cert: '/etc/pki/some/path/localhost.crt', } end it { is_expected.to contain_file('ssl.conf').with_content(%r{^ SSLCertificateFile}) } end context 'setting ssl_key' do let :params do { ssl_key: '/etc/pki/some/path/localhost.key', } end it { is_expected.to contain_file('ssl.conf').with_content(%r{^ SSLCertificateKeyFile}) } end context 'setting ssl_ca to a path' do let :params do { ssl_ca: '/etc/pki/some/path/ca.crt', } end it { is_expected.to contain_file('ssl.conf').with_content(%r{^ SSLCACertificateFile}) } end context 'with Apache version < 2.4 - ssl_compression with default value' do let :params do { apache_version: '2.2', } end it { is_expected.not_to contain_file('ssl.conf').with_content(%r{^ SSLCompression Off$}) } end context 'with Apache version < 2.4 - setting ssl_compression to true' do let :params do { apache_version: '2.2', ssl_compression: true, } end it { is_expected.not_to contain_file('ssl.conf').with_content(%r{^ SSLCompression On$}) } end context 'with Apache version < 2.4 - setting ssl_stapling to true' do let :params do { apache_version: '2.2', ssl_stapling: true, } end it { is_expected.not_to contain_file('ssl.conf').with_content(%r{^ SSLUseStapling}) } end context 'with Apache version >= 2.4 - ssl_compression with default value' do let :params do { apache_version: '2.4', } end it { is_expected.not_to contain_file('ssl.conf').with_content(%r{^ SSLCompression Off$}) } end context 'with Apache version >= 2.4' do let :params do { apache_version: '2.4', ssl_compression: true, } end it { is_expected.to contain_file('ssl.conf').with_content(%r{^ SSLCompression On$}) } end context 'with Apache version >= 2.4 - ssl_sessiontickets with default value' do let :params do { apache_version: '2.4', } end it { is_expected.not_to contain_file('ssl.conf').with_content(%r{^ SSLSessionTickets (Off|On)$}) } end context 'with Apache version >= 2.4 - setting ssl_sessiontickets to false' do let :params do { apache_version: '2.4', ssl_sessiontickets: false, } end it { is_expected.to contain_file('ssl.conf').with_content(%r{^ SSLSessionTickets Off$}) } end context 'with Apache version >= 2.4 - setting ssl_stapling to true' do let :params do { apache_version: '2.4', ssl_stapling: true, } end it { is_expected.to contain_file('ssl.conf').with_content(%r{^ SSLUseStapling On$}) } end context 'with Apache version >= 2.4 - setting ssl_stapling_return_errors to true' do let :params do { apache_version: '2.4', ssl_stapling_return_errors: true, } end it { is_expected.to contain_file('ssl.conf').with_content(%r{^ SSLStaplingReturnResponderErrors On$}) } end context 'with Apache version >= 2.4 - setting stapling_cache' do let :params do { apache_version: '2.4', stapling_cache: '/tmp/customstaplingcache(51200)', } end it { is_expected.to contain_file('ssl.conf').with_content(%r{^ SSLStaplingCache "shmcb:/tmp/customstaplingcache\(51200\)"$}) } end context 'setting ssl_pass_phrase_dialog' do let :params do { ssl_pass_phrase_dialog: 'exec:/path/to/program', } end it { is_expected.to contain_file('ssl.conf').with_content(%r{^ SSLPassPhraseDialog exec:\/path\/to\/program$}) } end context 'setting ssl_random_seed_bytes' do let :params do { ssl_random_seed_bytes: '1024', } end it { is_expected.to contain_file('ssl.conf').with_content(%r{^ SSLRandomSeed startup file:/dev/urandom 1024$}) } end context 'setting ssl_openssl_conf_cmd' do let :params do { ssl_openssl_conf_cmd: 'DHParameters "foo.pem"', } end it { is_expected.to contain_file('ssl.conf').with_content(%r{^\s+SSLOpenSSLConfCmd DHParameters "foo.pem"$}) } end context 'setting ssl_mutex' do let :params do { ssl_mutex: 'posixsem', } end it { is_expected.to contain_file('ssl.conf').with_content(%r{^ SSLMutex posixsem$}) } end context 'setting ssl_sessioncache' do let :params do { ssl_sessioncache: '/tmp/customsessioncache(51200)', } end it { is_expected.to contain_file('ssl.conf').with_content(%r{^ SSLSessionCache "shmcb:/tmp/customsessioncache\(51200\)"$}) } end context 'setting ssl_proxy_protocol' do let :params do { ssl_proxy_protocol: ['-ALL', '+TLSv1'], } end it { is_expected.to contain_file('ssl.conf').with_content(%r{^ SSLProxyProtocol -ALL \+TLSv1$}) } end end end diff --git a/spec/classes/mod/status_spec.rb b/spec/classes/mod/status_spec.rb index 440804bb..f4741a99 100644 --- a/spec/classes/mod/status_spec.rb +++ b/spec/classes/mod/status_spec.rb @@ -1,354 +1,358 @@ +# frozen_string_literal: true + require 'spec_helper' # Helper function for testing the contents of `status.conf` # Apache < 2.4 def status_conf_spec(allow_from, extended_status, status_path) expected = "\n"\ " SetHandler server-status\n"\ " Order deny,allow\n"\ " Deny from all\n"\ " Allow from #{Array(allow_from).join(' ')}\n"\ "\n"\ "ExtendedStatus #{extended_status}\n"\ "\n"\ "\n"\ " # Show Proxy LoadBalancer status in mod_status\n"\ " ProxyStatus On\n"\ "\n" - it do + it('status conf') do is_expected.to contain_file('status.conf').with_content(expected) end end # Apache >= 2.4 def require_directives(requires) if requires == :undef " Require ip 127.0.0.1 ::1\n" elsif requires.is_a?(String) if ['', 'unmanaged'].include? requires.downcase '' else " Require #{requires}\n" end elsif requires.is_a?(Array) requires.map { |req| " Require #{req}\n" }.join('') elsif requires.is_a?(Hash) if requires.key?(:enforce) \ " \n" + \ requires[:requires].map { |req| " Require #{req}\n" }.join('') + \ " \n" else requires[:requires].map { |req| " Require #{req}\n" }.join('') end end end def status_conf_spec_require(requires, extended_status, status_path) expected = "\n"\ " SetHandler server-status\n"\ "#{require_directives(requires)}"\ "\n"\ "ExtendedStatus #{extended_status}\n"\ "\n"\ "\n"\ " # Show Proxy LoadBalancer status in mod_status\n"\ " ProxyStatus On\n"\ "\n" - it do + it('status conf require') do is_expected.to contain_file('status.conf').with_content(expected) end end describe 'apache::mod::status', type: :class do it_behaves_like 'a mod class, without including apache' context 'default configuration with parameters' do context 'on a Debian 6 OS with default params' do let :facts do { osfamily: 'Debian', operatingsystemrelease: '6', lsbdistcodename: 'squeeze', operatingsystem: 'Debian', id: 'root', kernel: 'Linux', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', is_pe: false, } end it { is_expected.to contain_apache__mod('status') } status_conf_spec(['127.0.0.1', '::1'], 'On', '/server-status') it { is_expected.to contain_file('status.conf').with(ensure: 'file', path: '/etc/apache2/mods-available/status.conf') } it { is_expected.to contain_file('status.conf symlink').with(ensure: 'link', path: '/etc/apache2/mods-enabled/status.conf') } end context 'on a RedHat 6 OS with default params' do let :facts do { osfamily: 'RedHat', operatingsystemrelease: '6', operatingsystem: 'RedHat', id: 'root', kernel: 'Linux', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', is_pe: false, } end it { is_expected.to contain_apache__mod('status') } status_conf_spec(['127.0.0.1', '::1'], 'On', '/server-status') it { is_expected.to contain_file('status.conf').with_path('/etc/httpd/conf.d/status.conf') } end valid_requires = { undef: :undef, empty: '', unmanaged: 'unmanaged', string: 'ip 127.0.0.1 192.168', array: [ 'ip 127.0.0.1', 'ip ::1', 'host localhost', ], hash: { requires: [ 'ip 10.1', 'host somehost', ], }, enforce: { enforce: 'all', requires: [ 'ip 127.0.0.1', 'host localhost', ], }, } valid_requires.each do |req_key, req_value| context "on a Debian 8 OS with default params and #{req_key} requires" do let :facts do { osfamily: 'Debian', operatingsystemrelease: '8', lsbdistcodename: 'squeeze', operatingsystem: 'Debian', id: 'root', kernel: 'Linux', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', is_pe: false, } end let :params do { requires: req_value, } end it { is_expected.to contain_apache__mod('status') } status_conf_spec_require(req_value, 'On', '/server-status') it { is_expected.to contain_file('status.conf').with(ensure: 'file', path: '/etc/apache2/mods-available/status.conf') } it { is_expected.to contain_file('status.conf symlink').with(ensure: 'link', path: '/etc/apache2/mods-enabled/status.conf') } end context "on a RedHat 7 OS with default params and #{req_key} requires" do let :facts do { osfamily: 'RedHat', operatingsystemrelease: '7', operatingsystem: 'RedHat', id: 'root', kernel: 'Linux', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', is_pe: false, } end let :params do { requires: req_value, } end it { is_expected.to contain_apache__mod('status') } status_conf_spec_require(req_value, 'On', '/server-status') it { is_expected.to contain_file('status.conf').with_path('/etc/httpd/conf.modules.d/status.conf') } end context "on a RedHat 8 OS with default params and #{req_key} requires" do let :facts do { osfamily: 'RedHat', operatingsystemrelease: '8', operatingsystem: 'RedHat', id: 'root', kernel: 'Linux', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', is_pe: false, } end let :params do { requires: req_value, } end it { is_expected.to contain_apache__mod('status') } status_conf_spec_require(req_value, 'On', '/server-status') it { is_expected.to contain_file('status.conf').with_path('/etc/httpd/conf.modules.d/status.conf') } end end context "with custom parameters $allow_from => ['10.10.10.10','11.11.11.11'], $extended_status => 'Off', $status_path => '/custom-status'" do let :facts do { osfamily: 'Debian', operatingsystemrelease: '6', lsbdistcodename: 'squeeze', operatingsystem: 'Debian', id: 'root', kernel: 'Linux', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', is_pe: false, } end let :params do { allow_from: ['10.10.10.10', '11.11.11.11'], extended_status: 'Off', status_path: '/custom-status', } end + it { is_expected.to compile } + status_conf_spec(['10.10.10.10', '11.11.11.11'], 'Off', '/custom-status') end context "with valid parameter type $allow_from => ['10.10.10.10']" do let :facts do { osfamily: 'Debian', operatingsystemrelease: '6', lsbdistcodename: 'squeeze', operatingsystem: 'Debian', id: 'root', kernel: 'Linux', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', is_pe: false, } end let :params do { allow_from: ['10.10.10.10'] } end it 'expects to succeed array validation' do expect { is_expected.to contain_file('status.conf') }.not_to raise_error end end context "with invalid parameter type $allow_from => '10.10.10.10'" do let :facts do { osfamily: 'Debian', operatingsystemrelease: '6', operatingsystem: 'Debian', id: 'root', kernel: 'Linux', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', is_pe: false, } end let :params do { allow_from: '10.10.10.10' } end it 'expects to fail array validation' do expect { is_expected.to contain_file('status.conf') }.to raise_error(Puppet::Error) end end # Only On or Off are valid options ['On', 'Off'].each do |valid_param| context "with valid value $extended_status => '#{valid_param}'" do let :facts do { osfamily: 'Debian', operatingsystemrelease: '6', lsbdistcodename: 'squeeze', operatingsystem: 'Debian', id: 'root', kernel: 'Linux', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', is_pe: false, } end let :params do { extended_status: valid_param } end it 'expects to succeed regular expression validation' do expect { is_expected.to contain_file('status.conf') }.not_to raise_error end end end ['Yes', 'No'].each do |invalid_param| context "with invalid value $extended_status => '#{invalid_param}'" do let :facts do { osfamily: 'Debian', operatingsystemrelease: '6', operatingsystem: 'Debian', id: 'root', kernel: 'Linux', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', is_pe: false, } end let :params do { extended_status: invalid_param } end it 'expects to fail regular expression validation' do expect { is_expected.to contain_file('status.conf') }.to raise_error(Puppet::Error) end end end end end diff --git a/spec/classes/mod/suphp_spec.rb b/spec/classes/mod/suphp_spec.rb index db4bebd5..4e8a7548 100644 --- a/spec/classes/mod/suphp_spec.rb +++ b/spec/classes/mod/suphp_spec.rb @@ -1,16 +1,18 @@ +# frozen_string_literal: true + require 'spec_helper' describe 'apache::mod::suphp', type: :class do on_supported_os.each do |os, facts| # suphp has been declared EOL and is no longer supported on any Debian module that we test on next unless facts[:os]['family'] == 'RedHat' context "on #{os} " do let :facts do facts end it { is_expected.to contain_class('apache::params') } it { is_expected.to contain_package('mod_suphp') } end end end diff --git a/spec/classes/mod/userdir_spec.rb b/spec/classes/mod/userdir_spec.rb index 9ce731d5..848dc725 100644 --- a/spec/classes/mod/userdir_spec.rb +++ b/spec/classes/mod/userdir_spec.rb @@ -1,78 +1,80 @@ +# frozen_string_literal: true + require 'spec_helper' describe 'apache::mod::userdir', type: :class do context 'on a Debian OS' do let :pre_condition do 'class { "apache": default_mods => false, mod_dir => "/tmp/junk", }' end let :facts do { lsbdistcodename: 'jessie', osfamily: 'Debian', operatingsystemrelease: '8', operatingsystemmajrelease: '8', operatingsystem: 'Debian', id: 'root', kernel: 'Linux', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', is_pe: false, } end context 'default parameters' do it { is_expected.to compile } end context 'with dir set to something' do let :params do { dir: 'hi', } end it { is_expected.to contain_file('userdir.conf').with_content(%r{^\s*UserDir\s+/home/\*/hi$}) } it { is_expected.to contain_file('userdir.conf').with_content(%r{^\s*\$}) } end context 'with home set to something' do let :params do { home: '/u', } end it { is_expected.to contain_file('userdir.conf').with_content(%r{^\s*UserDir\s+/u/\*/public_html$}) } it { is_expected.to contain_file('userdir.conf').with_content(%r{^\s*\$}) } end context 'with path set to something' do let :params do { path: 'public_html /usr/web http://www.example.com/', } end it { is_expected.to contain_file('userdir.conf').with_content(%r{^\s*UserDir\s+public_html /usr/web http://www\.example\.com/$}) } it { is_expected.to contain_file('userdir.conf').with_content(%r{^\s*\$}) } end context 'with unmanaged_path set to true' do let :params do { unmanaged_path: true, } end it { is_expected.to contain_file('userdir.conf').with_content(%r{^\s*UserDir\s+/home/\*/public_html$}) } it { is_expected.not_to contain_file('userdir.conf').with_content(%r{^\s*\ false, }' end context 'on a Debian OS' do let :facts do { osfamily: 'Debian', operatingsystemrelease: '8', lsbdistcodename: 'jessie', operatingsystem: 'Debian', id: 'root', kernel: 'Linux', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', is_pe: false, } end it { is_expected.to contain_class('apache::params') } it { is_expected.not_to contain_apache__mod('worker') } it { is_expected.to contain_file('/etc/apache2/mods-available/worker.conf').with_ensure('file') } it { is_expected.to contain_file('/etc/apache2/mods-enabled/worker.conf').with_ensure('link') } context 'with Apache version < 2.4' do let :params do { apache_version: '2.2', } end it { is_expected.not_to contain_file('/etc/apache2/mods-available/worker.load') } it { is_expected.not_to contain_file('/etc/apache2/mods-enabled/worker.load') } it { is_expected.to contain_package('apache2-mpm-worker') } end context 'with Apache version >= 2.4' do let :params do { apache_version: '2.4', } end it { is_expected.to contain_file('/etc/apache2/mods-available/worker.load').with('ensure' => 'file', 'content' => "LoadModule mpm_worker_module /usr/lib/apache2/modules/mod_mpm_worker.so\n") } it { is_expected.to contain_file('/etc/apache2/mods-enabled/worker.load').with_ensure('link') } end end context 'on a RedHat OS' do let :facts do { osfamily: 'RedHat', operatingsystemrelease: '6', operatingsystem: 'RedHat', id: 'root', kernel: 'Linux', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', is_pe: false, } end it { is_expected.to contain_class('apache::params') } it { is_expected.not_to contain_apache__mod('worker') } it { is_expected.to contain_file('/etc/httpd/conf.d/worker.conf').with_ensure('file') } context 'with Apache version < 2.4' do let :params do { apache_version: '2.2', } end it { is_expected.to contain_file_line('/etc/sysconfig/httpd worker enable').with('require' => 'Package[httpd]') } end context 'with Apache version >= 2.4' do let :params do { apache_version: '2.4', } end it { is_expected.not_to contain_apache__mod('event') } it { is_expected.to contain_file('/etc/httpd/conf.d/worker.load').with('ensure' => 'file', 'content' => "LoadModule mpm_worker_module modules/mod_mpm_worker.so\n") } end end context 'on a FreeBSD OS' do let :facts do { osfamily: 'FreeBSD', operatingsystemrelease: '9', operatingsystem: 'FreeBSD', id: 'root', kernel: 'FreeBSD', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', is_pe: false, } end it { is_expected.to contain_class('apache::params') } it { is_expected.not_to contain_apache__mod('worker') } it { is_expected.to contain_file('/usr/local/etc/apache24/Modules/worker.conf').with_ensure('file') } end context 'on a Gentoo OS' do let :facts do { osfamily: 'Gentoo', operatingsystem: 'Gentoo', operatingsystemrelease: '3.16.1-gentoo', id: 'root', kernel: 'Linux', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/bin', is_pe: false, } end it { is_expected.to contain_class('apache::params') } it { is_expected.not_to contain_apache__mod('worker') } it { is_expected.to contain_file('/etc/apache2/modules.d/worker.conf').with_ensure('file') } end # Template config doesn't vary by distro context 'on all distros' do let :facts do { osfamily: 'RedHat', operatingsystem: 'CentOS', operatingsystemrelease: '6', kernel: 'Linux', id: 'root', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', is_pe: false, } end context 'defaults' do it { is_expected.to contain_file('/etc/httpd/conf.d/worker.conf').with(content: %r{^$}) } it { is_expected.to contain_file('/etc/httpd/conf.d/worker.conf').with(content: %r{^\s+ServerLimit\s+25$}) } it { is_expected.to contain_file('/etc/httpd/conf.d/worker.conf').with(content: %r{^\s+StartServers\s+2$}) } it { is_expected.to contain_file('/etc/httpd/conf.d/worker.conf').with(content: %r{^\s+MaxClients\s+150$}) } it { is_expected.to contain_file('/etc/httpd/conf.d/worker.conf').with(content: %r{^\s+MinSpareThreads\s+25$}) } it { is_expected.to contain_file('/etc/httpd/conf.d/worker.conf').with(content: %r{^\s+MaxSpareThreads\s+75$}) } it { is_expected.to contain_file('/etc/httpd/conf.d/worker.conf').with(content: %r{^\s+ThreadsPerChild\s+25$}) } it { is_expected.to contain_file('/etc/httpd/conf.d/worker.conf').with(content: %r{^\s+MaxRequestsPerChild\s+0$}) } it { is_expected.to contain_file('/etc/httpd/conf.d/worker.conf').with(content: %r{^\s+ThreadLimit\s+64$}) } it { is_expected.to contain_file('/etc/httpd/conf.d/worker.conf').with(content: %r{^\s*ListenBacklog\s*511}) } end context 'setting params' do let :params do { serverlimit: 10, startservers: 11, maxclients: 12, minsparethreads: 13, maxsparethreads: 14, threadsperchild: 15, maxrequestsperchild: 16, threadlimit: 17, listenbacklog: 8, } end it { is_expected.to contain_file('/etc/httpd/conf.d/worker.conf').with(content: %r{^$}) } it { is_expected.to contain_file('/etc/httpd/conf.d/worker.conf').with(content: %r{^\s+ServerLimit\s+10$}) } it { is_expected.to contain_file('/etc/httpd/conf.d/worker.conf').with(content: %r{^\s+StartServers\s+11$}) } it { is_expected.to contain_file('/etc/httpd/conf.d/worker.conf').with(content: %r{^\s+MaxClients\s+12$}) } it { is_expected.to contain_file('/etc/httpd/conf.d/worker.conf').with(content: %r{^\s+MinSpareThreads\s+13$}) } it { is_expected.to contain_file('/etc/httpd/conf.d/worker.conf').with(content: %r{^\s+MaxSpareThreads\s+14$}) } it { is_expected.to contain_file('/etc/httpd/conf.d/worker.conf').with(content: %r{^\s+ThreadsPerChild\s+15$}) } it { is_expected.to contain_file('/etc/httpd/conf.d/worker.conf').with(content: %r{^\s+MaxRequestsPerChild\s+16$}) } it { is_expected.to contain_file('/etc/httpd/conf.d/worker.conf').with(content: %r{^\s+ThreadLimit\s+17$}) } it { is_expected.to contain_file('/etc/httpd/conf.d/worker.conf').with(content: %r{^\s*ListenBacklog\s*8}) } end end end diff --git a/spec/classes/mod/wsgi_spec.rb b/spec/classes/mod/wsgi_spec.rb index 902d6877..ba1314eb 100644 --- a/spec/classes/mod/wsgi_spec.rb +++ b/spec/classes/mod/wsgi_spec.rb @@ -1,215 +1,217 @@ +# frozen_string_literal: true + require 'spec_helper' describe 'apache::mod::wsgi', type: :class do it_behaves_like 'a mod class, without including apache' context 'on a Debian OS' do let :facts do { osfamily: 'Debian', operatingsystemrelease: '8', lsbdistcodename: 'jessie', operatingsystem: 'Debian', id: 'root', kernel: 'Linux', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', is_pe: false, } end it { is_expected.to contain_class('apache::params') } it { is_expected.to contain_class('apache::mod::wsgi').with( 'wsgi_socket_prefix' => nil, ) } it { is_expected.to contain_package('libapache2-mod-wsgi') } end context 'on a RedHat OS' do let :facts do { osfamily: 'RedHat', operatingsystemrelease: '6', operatingsystem: 'RedHat', id: 'root', kernel: 'Linux', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', is_pe: false, } end it { is_expected.to contain_class('apache::params') } it { is_expected.to contain_class('apache::mod::wsgi').with( 'wsgi_socket_prefix' => '/var/run/wsgi', ) } it { is_expected.to contain_package('mod_wsgi') } context 'on RHEL8' do let(:facts) do super().merge(operatingsystemrelease: '8') end it { is_expected.to contain_class('apache::params') } it { is_expected.to contain_file('wsgi.load').with_content(%r{LoadModule wsgi_module modules/mod_wsgi_python3.so}) } it { is_expected.to contain_package('python3-mod_wsgi') } end describe 'with WSGIRestrictEmbedded enabled' do let :params do { wsgi_restrict_embedded: 'On' } end it { is_expected.to contain_file('wsgi.conf').with_content(%r{^ WSGIRestrictEmbedded On$}) } end describe 'with custom WSGISocketPrefix' do let :params do { wsgi_socket_prefix: 'run/wsgi' } end it { is_expected.to contain_file('wsgi.conf').with_content(%r{^ WSGISocketPrefix run\/wsgi$}) } end describe 'with custom WSGIPythonHome' do let :params do { wsgi_python_home: '/path/to/virtenv' } end it { is_expected.to contain_file('wsgi.conf').with_content(%r{^ WSGIPythonHome "\/path\/to\/virtenv"$}) } end describe 'with custom WSGIApplicationGroup' do let :params do { wsgi_application_group: '%{GLOBAL}' } end it { is_expected.to contain_file('wsgi.conf').with_content(%r{^ WSGIApplicationGroup "%{GLOBAL}"$}) } end describe 'with custom WSGIPythonOptimize' do let :params do { wsgi_python_optimize: 1 } end it { is_expected.to contain_file('wsgi.conf').with_content(%r{^ WSGIPythonOptimize 1$}) } end describe 'with custom package_name and mod_path' do let :params do { package_name: 'mod_wsgi_package', mod_path: '/foo/bar/baz', } end it { is_expected.to contain_apache__mod('wsgi').with('package' => 'mod_wsgi_package', 'path' => '/foo/bar/baz') } it { is_expected.to contain_package('mod_wsgi_package') } it { is_expected.to contain_file('wsgi.load').with_content(%r{LoadModule wsgi_module /foo/bar/baz}) } end describe 'with custom mod_path not containing /' do let :params do { package_name: 'mod_wsgi_package', mod_path: 'wsgi_mod_name.so', } end it { is_expected.to contain_apache__mod('wsgi').with('path' => 'modules/wsgi_mod_name.so', 'package' => 'mod_wsgi_package') } it { is_expected.to contain_file('wsgi.load').with_content(%r{LoadModule wsgi_module modules/wsgi_mod_name.so}) } end describe 'with package_name but no mod_path' do let :params do { mod_path: '/foo/bar/baz', } end it { expect { catalogue }.to raise_error Puppet::Error, %r{apache::mod::wsgi - both package_name and mod_path must be specified!} } end describe 'with mod_path but no package_name' do let :params do { package_name: '/foo/bar/baz', } end it { expect { catalogue }.to raise_error Puppet::Error, %r{apache::mod::wsgi - both package_name and mod_path must be specified!} } end end context 'on a FreeBSD OS' do let :facts do { osfamily: 'FreeBSD', operatingsystemrelease: '9', operatingsystem: 'FreeBSD', id: 'root', kernel: 'FreeBSD', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', is_pe: false, } end it { is_expected.to contain_class('apache::params') } it { is_expected.to contain_class('apache::mod::wsgi').with( 'wsgi_socket_prefix' => nil, ) } it { is_expected.to contain_package('www/mod_wsgi') } end context 'on a Gentoo OS' do let :facts do { osfamily: 'Gentoo', operatingsystem: 'Gentoo', operatingsystemrelease: '3.16.1-gentoo', id: 'root', kernel: 'Linux', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/bin', is_pe: false, } end it { is_expected.to contain_class('apache::params') } it { is_expected.to contain_class('apache::mod::wsgi').with( 'wsgi_socket_prefix' => nil, ) } it { is_expected.to contain_package('www-apache/mod_wsgi') } end context 'overriding mod_libs' do context 'on a RedHat OS', :compile do let :facts do { id: 'root', kernel: 'Linux', osfamily: 'RedHat', operatingsystem: 'Fedora', operatingsystemrelease: '28', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', is_pe: false, } end let :pre_condition do <<-MANIFEST include apache::params class { 'apache': mod_packages => merge($::apache::params::mod_packages, { 'wsgi' => 'python3-mod_wsgi', }), mod_libs => merge($::apache::params::mod_libs, { 'wsgi' => 'mod_wsgi_python3.so', }) } MANIFEST end it { is_expected.to contain_class('apache::params') } it { is_expected.to contain_file('wsgi.load').with_content(%r{LoadModule wsgi_module modules/mod_wsgi_python3.so}) } it { is_expected.to contain_package('python3-mod_wsgi') } end end end diff --git a/spec/classes/params_spec.rb b/spec/classes/params_spec.rb index ad616377..ef0c06b5 100644 --- a/spec/classes/params_spec.rb +++ b/spec/classes/params_spec.rb @@ -1,21 +1,23 @@ +# frozen_string_literal: true + require 'spec_helper' describe 'apache::params', type: :class do context 'On a Debian OS' do let :facts do { osfamily: 'Debian', operatingsystemrelease: '8', lsbdistcodename: 'jessie', operatingsystem: 'Debian', id: 'root', kernel: 'Linux', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', is_pe: false, } end it { is_expected.to compile.with_all_deps } it { is_expected.to have_resource_count(0) } end end diff --git a/spec/classes/service_spec.rb b/spec/classes/service_spec.rb index 0ade8ef1..d446f667 100644 --- a/spec/classes/service_spec.rb +++ b/spec/classes/service_spec.rb @@ -1,173 +1,175 @@ +# frozen_string_literal: true + require 'spec_helper' describe 'apache::service', type: :class do let :pre_condition do 'include apache::params' end context 'on a Debian OS' do let :facts do { osfamily: 'Debian', operatingsystemrelease: '8', lsbdistcodename: 'jessie', operatingsystem: 'Debian', id: 'root', kernel: 'Linux', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', is_pe: false, } end it { is_expected.to contain_service('httpd').with( 'name' => 'apache2', 'ensure' => 'running', 'enable' => 'true', ) } context "with $service_name => 'foo'" do let(:params) { { service_name: 'foo' } } it { is_expected.to contain_service('httpd').with( 'name' => 'foo', ) } end context 'with $service_enable => true' do let(:params) { { service_enable: true } } it { is_expected.to contain_service('httpd').with( 'name' => 'apache2', 'ensure' => 'running', 'enable' => 'true', ) } end context 'with $service_enable => false' do let(:params) { { service_enable: false } } it { is_expected.to contain_service('httpd').with( 'name' => 'apache2', 'ensure' => 'running', 'enable' => 'false', ) } end context "with $service_ensure => 'running'" do let(:params) { { service_ensure: 'running' } } it { is_expected.to contain_service('httpd').with( 'ensure' => 'running', 'enable' => 'true', ) } end context "with $service_ensure => 'stopped'" do let(:params) { { service_ensure: 'stopped' } } it { is_expected.to contain_service('httpd').with( 'ensure' => 'stopped', 'enable' => 'true', ) } end context "with $service_ensure => 'UNDEF'" do let(:params) { { service_ensure: 'UNDEF' } } it { is_expected.to contain_service('httpd').without_ensure } end context 'with $service_restart unset' do it { is_expected.to contain_service('httpd').without_restart } end context "with $service_restart => '/usr/sbin/apachectl graceful'" do let(:params) { { service_restart: '/usr/sbin/apachectl graceful' } } it { is_expected.to contain_service('httpd').with( 'restart' => '/usr/sbin/apachectl graceful', ) } end end context 'on a RedHat 5 OS, do not manage service' do let :facts do { osfamily: 'RedHat', operatingsystemrelease: '5', operatingsystem: 'RedHat', id: 'root', kernel: 'Linux', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', is_pe: false, } end let(:params) do { 'service_ensure' => 'running', 'service_name' => 'httpd', 'service_manage' => false, } end it { is_expected.not_to contain_service('httpd') } end context 'on a FreeBSD 5 OS' do let :facts do { osfamily: 'FreeBSD', operatingsystemrelease: '9', operatingsystem: 'FreeBSD', id: 'root', kernel: 'FreeBSD', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', is_pe: false, } end it { is_expected.to contain_service('httpd').with( 'name' => 'apache24', 'ensure' => 'running', 'enable' => 'true', ) } end context 'on a Gentoo OS' do let :facts do { osfamily: 'Gentoo', operatingsystem: 'Gentoo', operatingsystemrelease: '3.16.1-gentoo', id: 'root', kernel: 'Linux', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/bin', is_pe: false, } end it { is_expected.to contain_service('httpd').with( 'name' => 'apache2', 'ensure' => 'running', 'enable' => 'true', ) } end end diff --git a/spec/classes/vhosts_spec.rb b/spec/classes/vhosts_spec.rb index 319e3df5..673028b8 100644 --- a/spec/classes/vhosts_spec.rb +++ b/spec/classes/vhosts_spec.rb @@ -1,37 +1,39 @@ +# frozen_string_literal: true + require 'spec_helper' describe 'apache::vhosts', type: :class do context 'on all OSes' do let :facts do { id: 'root', kernel: 'Linux', osfamily: 'RedHat', operatingsystem: 'RedHat', operatingsystemrelease: '6', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', is_pe: false, } end context 'with custom vhosts parameter' do let :params do { vhosts: { 'custom_vhost_1' => { 'docroot' => '/var/www/custom_vhost_1', 'port' => '81', }, 'custom_vhost_2' => { 'docroot' => '/var/www/custom_vhost_2', 'port' => '82', }, }, } end it { is_expected.to contain_apache__vhost('custom_vhost_1') } it { is_expected.to contain_apache__vhost('custom_vhost_2') } end end end diff --git a/spec/defines/balancer_spec.rb b/spec/defines/balancer_spec.rb index 4b6f96ec..7ba64a8a 100644 --- a/spec/defines/balancer_spec.rb +++ b/spec/defines/balancer_spec.rb @@ -1,83 +1,85 @@ +# frozen_string_literal: true + require 'spec_helper' describe 'apache::balancer', type: :define do let :title do 'myapp' end let :facts do { osfamily: 'Debian', operatingsystem: 'Debian', operatingsystemrelease: '8', lsbdistcodename: 'jessie', id: 'root', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', kernel: 'Linux', is_pe: false, } end describe 'apache pre_condition with defaults' do let :pre_condition do 'include apache' end describe 'works when only declaring resource title' do it { is_expected.to contain_concat('apache_balancer_myapp') } it { is_expected.to contain_concat__fragment('00-myapp-header').with_content(%r{^$}) } end describe 'accept a target parameter and use it' do let :params do { target: '/tmp/myapp.conf', } end it { is_expected.to contain_concat('apache_balancer_myapp').with(path: '/tmp/myapp.conf') } end describe 'accept an options parameter and use it' do let :params do { options: ['timeout=0', 'nonce=none'], } end it { is_expected.to contain_concat__fragment('00-myapp-header').with_content( %r{^$}, ) } end end describe 'apache pre_condition with conf_dir set' do let :pre_condition do 'class{"apache": confd_dir => "/junk/path" }' end it { is_expected.to contain_concat('apache_balancer_myapp').with(path: '/junk/path/balancer_myapp.conf') } end describe 'with lbmethod and with apache::mod::proxy_balancer::apache_version set' do let :pre_condition do 'class{"apache::mod::proxy_balancer": apache_version => "2.4" }' end let :params do { proxy_set: { 'lbmethod' => 'bytraffic', }, } end it { is_expected.to contain_apache__mod('slotmem_shm') } it { is_expected.to contain_apache__mod('lbmethod_bytraffic') } end end diff --git a/spec/defines/balancermember_spec.rb b/spec/defines/balancermember_spec.rb index 1e57ca59..8458d3f3 100644 --- a/spec/defines/balancermember_spec.rb +++ b/spec/defines/balancermember_spec.rb @@ -1,63 +1,65 @@ +# frozen_string_literal: true + require 'spec_helper' describe 'apache::balancermember', type: :define do let :pre_condition do 'include apache' end let :facts do { osfamily: 'Debian', operatingsystem: 'Debian', operatingsystemrelease: '8', lsbdistcodename: 'jessie', id: 'root', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', kernel: 'Linux', is_pe: false, } end describe 'allows multiple balancermembers with the same url' do let :pre_condition do 'include apache apache::balancer {"balancer":} apache::balancer {"balancer-external":} apache::balancermember {"http://127.0.0.1:8080-external": url => "http://127.0.0.1:8080/", balancer_cluster => "balancer-external"} ' end let :title do 'http://127.0.0.1:8080/' end let :params do { options: [], url: 'http://127.0.0.1:8080/', balancer_cluster: 'balancer-internal', } end it { is_expected.to contain_concat__fragment('BalancerMember http://127.0.0.1:8080/') } end describe 'allows balancermember with a different target' do let :pre_condition do 'include apache apache::balancer {"balancername": target => "/etc/apache/balancer.conf"} apache::balancermember {"http://127.0.0.1:8080-external": url => "http://127.0.0.1:8080/", balancer_cluster => "balancername"} ' end let :title do 'http://127.0.0.1:8080/' end let :params do { options: [], url: 'http://127.0.0.1:8080/', balancer_cluster: 'balancername', } end it { is_expected.to contain_concat__fragment('BalancerMember http://127.0.0.1:8080/').with(target: 'apache_balancer_balancername') } end end diff --git a/spec/defines/custom_config_spec.rb b/spec/defines/custom_config_spec.rb index 4b262ef6..9011fd68 100644 --- a/spec/defines/custom_config_spec.rb +++ b/spec/defines/custom_config_spec.rb @@ -1,122 +1,124 @@ +# frozen_string_literal: true + require 'spec_helper' describe 'apache::custom_config', type: :define do let :pre_condition do 'class { "apache": }' end let :title do 'rspec' end let :facts do { osfamily: 'Debian', operatingsystemrelease: '8', lsbdistcodename: 'jessie', operatingsystem: 'Debian', id: 'root', kernel: 'Linux', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', is_pe: false, } end context 'defaults with content' do let :params do { 'content' => '# Test', } end it { is_expected.to contain_exec('syntax verification for rspec').with('refreshonly' => 'true', 'subscribe' => 'File[apache_rspec]', 'command' => '/usr/sbin/apachectl -t', 'notify' => 'Class[Apache::Service]', 'before' => 'Exec[remove rspec if invalid]') } it { is_expected.to contain_exec('remove rspec if invalid').with('unless' => '/usr/sbin/apachectl -t', 'subscribe' => 'File[apache_rspec]', 'refreshonly' => 'true') } it { is_expected.to contain_file('apache_rspec').with('ensure' => 'present', 'content' => '# Test', 'require' => 'Package[httpd]') } end context 'set everything with source' do let :params do { 'confdir' => '/dne', 'priority' => '30', 'source' => 'puppet:///modules/apache/test', 'verify_command' => '/bin/true', } end it { is_expected.to contain_exec('syntax verification for rspec').with('command' => '/bin/true') } it { is_expected.to contain_exec('remove rspec if invalid').with('command' => '/bin/rm /dne/30-rspec.conf', 'unless' => '/bin/true') } it { is_expected.to contain_file('apache_rspec').with('path' => '/dne/30-rspec.conf', 'ensure' => 'present', 'source' => 'puppet:///modules/apache/test', 'require' => 'Package[httpd]') } end context 'verify_config => false' do let :params do { 'content' => '# test', 'verify_config' => false, } end it { is_expected.not_to contain_exec('syntax verification for rspec') } it { is_expected.not_to contain_exec('remove rspec if invalid') } it { is_expected.to contain_file('apache_rspec').with('notify' => 'Class[Apache::Service]') } end context 'ensure => absent' do let :params do { 'ensure' => 'absent', } end it { is_expected.not_to contain_exec('syntax verification for rspec') } it { is_expected.not_to contain_exec('remove rspec if invalid') } it { is_expected.to contain_file('apache_rspec').with('ensure' => 'absent') } end describe 'validation' do context 'both content and source' do let :params do { 'content' => 'foo', 'source' => 'bar', } end it do expect { catalogue }.to raise_error(Puppet::Error, %r{Only one of \$content and \$source can be specified\.}) end end context 'neither content nor source' do it do expect { catalogue }.to raise_error(Puppet::Error, %r{One of \$content and \$source must be specified\.}) end end end end diff --git a/spec/defines/fastcgi_server_spec.rb b/spec/defines/fastcgi_server_spec.rb index cd3e1781..44ba4dd8 100644 --- a/spec/defines/fastcgi_server_spec.rb +++ b/spec/defines/fastcgi_server_spec.rb @@ -1,105 +1,100 @@ +# frozen_string_literal: true + require 'spec_helper' describe 'apache::fastcgi::server', type: :define do let :pre_condition do 'include apache' end let :title do 'www' end on_supported_os.each do |os, facts| next if facts[:os]['release']['major'] == '18.04' || facts[:os]['release']['major'] == '20.04' next if (facts[:os]['release']['major'] == '7' || facts[:os]['release']['major'] == '8') && facts[:os]['family']['RedHat'] context "on #{os} " do let :facts do facts end it { is_expected.to contain_class('apache') } it { is_expected.to contain_class('apache::mod::fastcgi') } case facts[:os]['family'] when 'RedHat' it { is_expected.to contain_file("fastcgi-pool-#{title}.conf").with( ensure: 'file', path: "/etc/httpd/conf.d/fastcgi-pool-#{title}.conf", ) } - when 'Debian' + when 'Debian', 'Gentoo' it { is_expected.to contain_file("fastcgi-pool-#{title}.conf").with( ensure: 'file', path: "/etc/apache2/conf.d/fastcgi-pool-#{title}.conf", ) } when 'FreeBSD' it { is_expected.to contain_file("fastcgi-pool-#{title}.conf").with( ensure: 'file', path: "/usr/local/etc/apache24/Includes/fastcgi-pool-#{title}.conf", ) } - when 'Gentoo' - it { - is_expected.to contain_file("fastcgi-pool-#{title}.conf").with( - ensure: 'file', - path: "/etc/apache2/conf.d/fastcgi-pool-#{title}.conf", - ) - } end describe 'os-independent items' do describe '.conf content using TCP communication' do let :params do { host: '127.0.0.1:9001', timeout: 30, flush: true, faux_path: '/var/www/php-www.fcgi', fcgi_alias: '/php-www.fcgi', file_type: 'application/x-httpd-php', pass_header: 'Authorization', } end let :expected do # rubocop:disable Layout/IndentationWidth : Changes to the indent causes test failures. 'FastCGIExternalServer /var/www/php-www.fcgi -idle-timeout 30 -flush -host 127.0.0.1:9001 -pass-header Authorization Alias /php-www.fcgi /var/www/php-www.fcgi Action application/x-httpd-php /php-www.fcgi ' # rubocop:enable Layout/IndentationWidth end it do is_expected.to contain_file('fastcgi-pool-www.conf').with_content(expected) end end describe '.conf content using socket communication' do let :params do { host: '/var/run/fcgi.sock', timeout: 30, flush: true, faux_path: '/var/www/php-www.fcgi', fcgi_alias: '/php-www.fcgi', file_type: 'application/x-httpd-php', } end let :expected do # rubocop:disable Layout/IndentationWidth : Changes to the indent causes test failures. 'FastCGIExternalServer /var/www/php-www.fcgi -idle-timeout 30 -flush -socket /var/run/fcgi.sock Alias /php-www.fcgi /var/www/php-www.fcgi Action application/x-httpd-php /php-www.fcgi ' # rubocop:enable Layout/IndentationWidth end it do is_expected.to contain_file('fastcgi-pool-www.conf').with_content(expected) end end end end end end diff --git a/spec/defines/mod_spec.rb b/spec/defines/mod_spec.rb index 24661611..e4c11af5 100644 --- a/spec/defines/mod_spec.rb +++ b/spec/defines/mod_spec.rb @@ -1,156 +1,158 @@ +# frozen_string_literal: true + require 'spec_helper' describe 'apache::mod', type: :define do let :pre_condition do 'include apache' end context 'on a RedHat osfamily' do let :facts do { osfamily: 'RedHat', operatingsystemrelease: '6', operatingsystem: 'RedHat', id: 'root', kernel: 'Linux', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', is_pe: false, } end describe 'for non-special modules' do let :title do 'spec_m' end it { is_expected.to contain_class('apache::params') } it 'manages the module load file' do is_expected.to contain_file('spec_m.load').with(path: '/etc/httpd/conf.d/spec_m.load', content: "LoadModule spec_m_module modules/mod_spec_m.so\n", owner: 'root', group: 'root', mode: '0644') end end describe 'with file_mode set' do let :pre_condition do "class {'::apache': file_mode => '0640'}" end let :title do 'spec_m' end it 'manages the module load file' do is_expected.to contain_file('spec_m.load').with(mode: '0640') end end describe 'with shibboleth module and package param passed' do # name/title for the apache::mod define let :title do 'xsendfile' end # parameters let(:params) { { package: 'mod_xsendfile' } } it { is_expected.to contain_class('apache::params') } it { is_expected.to contain_package('mod_xsendfile') } end end context 'on a Debian osfamily' do let :facts do { osfamily: 'Debian', operatingsystemrelease: '8', lsbdistcodename: 'jessie', operatingsystem: 'Debian', id: 'root', kernel: 'Linux', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', is_pe: false, } end describe 'for non-special modules' do let :title do 'spec_m' end it { is_expected.to contain_class('apache::params') } it 'manages the module load file' do is_expected.to contain_file('spec_m.load').with(path: '/etc/apache2/mods-available/spec_m.load', content: "LoadModule spec_m_module /usr/lib/apache2/modules/mod_spec_m.so\n", owner: 'root', group: 'root', mode: '0644') end it 'links the module load file' do is_expected.to contain_file('spec_m.load symlink').with(path: '/etc/apache2/mods-enabled/spec_m.load', target: '/etc/apache2/mods-available/spec_m.load', owner: 'root', group: 'root', mode: '0644') end end end context 'on a FreeBSD osfamily' do let :facts do { osfamily: 'FreeBSD', operatingsystemrelease: '9', operatingsystem: 'FreeBSD', id: 'root', kernel: 'FreeBSD', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', is_pe: false, } end describe 'for non-special modules' do let :title do 'spec_m' end it { is_expected.to contain_class('apache::params') } it 'manages the module load file' do is_expected.to contain_file('spec_m.load').with(path: '/usr/local/etc/apache24/Modules/spec_m.load', content: "LoadModule spec_m_module /usr/local/libexec/apache24/mod_spec_m.so\n", owner: 'root', group: 'wheel', mode: '0644') end end end context 'on a Gentoo osfamily' do let :facts do { osfamily: 'Gentoo', operatingsystem: 'Gentoo', operatingsystemrelease: '3.16.1-gentoo', id: 'root', kernel: 'Linux', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/bin', is_pe: false, } end describe 'for non-special modules' do let :title do 'spec_m' end it { is_expected.to contain_class('apache::params') } it 'manages the module load file' do is_expected.to contain_file('spec_m.load').with(path: '/etc/apache2/modules.d/spec_m.load', content: "LoadModule spec_m_module /usr/lib/apache2/modules/mod_spec_m.so\n", owner: 'root', group: 'wheel', mode: '0644') end end end end diff --git a/spec/defines/modsec_link_spec.rb b/spec/defines/modsec_link_spec.rb index 3035b71b..400ae555 100644 --- a/spec/defines/modsec_link_spec.rb +++ b/spec/defines/modsec_link_spec.rb @@ -1,39 +1,41 @@ +# frozen_string_literal: true + require 'spec_helper' describe 'apache::security::rule_link', type: :define do let :pre_condition do 'class { "apache": } class { "apache::mod::security": activated_rules => [] } ' end let :title do 'base_rules/modsecurity_35_bad_robots.data' end on_supported_os.each do |os, facts| context "on #{os} " do let :facts do facts end it { is_expected.to compile.with_all_deps } case facts[:os]['family'] when 'RedHat' it { is_expected.to contain_file('modsecurity_35_bad_robots.data').with( path: '/etc/httpd/modsecurity.d/activated_rules/modsecurity_35_bad_robots.data', target: '/usr/lib/modsecurity.d/base_rules/modsecurity_35_bad_robots.data', ) } when 'Debian' it { is_expected.to contain_file('modsecurity_35_bad_robots.data').with( path: '/etc/modsecurity/activated_rules/modsecurity_35_bad_robots.data', target: '/usr/share/modsecurity-crs/base_rules/modsecurity_35_bad_robots.data', ) } end end end end diff --git a/spec/defines/vhost_custom_spec.rb b/spec/defines/vhost_custom_spec.rb index 05c9183b..962e12da 100644 --- a/spec/defines/vhost_custom_spec.rb +++ b/spec/defines/vhost_custom_spec.rb @@ -1,107 +1,111 @@ +# frozen_string_literal: true + require 'spec_helper' describe 'apache::vhost::custom', type: :define do let :title do 'rspec.example.com' end let :default_params do { content: 'foobar', } end describe 'os-dependent items' do context 'on RedHat based systems' do let :default_facts do { osfamily: 'RedHat', operatingsystemrelease: '6', operatingsystem: 'RedHat', id: 'root', kernel: 'Linux', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', is_pe: false, } end let(:params) { default_params } let(:facts) { default_facts } + + it { is_expected.to compile } end context 'on Debian based systems' do let :default_facts do { osfamily: 'Debian', operatingsystemrelease: '8', lsbdistcodename: 'jessie', operatingsystem: 'Debian', id: 'root', kernel: 'Linux', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', is_pe: false, } end let(:params) { default_params } let(:facts) { default_facts } it { is_expected.to contain_file('apache_rspec.example.com').with( ensure: 'present', content: 'foobar', path: '/etc/apache2/sites-available/25-rspec.example.com.conf', ) } it { is_expected.to contain_file('25-rspec.example.com.conf symlink').with( ensure: 'link', path: '/etc/apache2/sites-enabled/25-rspec.example.com.conf', target: '/etc/apache2/sites-available/25-rspec.example.com.conf', ) } end context 'on FreeBSD systems' do let :default_facts do { osfamily: 'FreeBSD', operatingsystemrelease: '9', operatingsystem: 'FreeBSD', id: 'root', kernel: 'FreeBSD', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', is_pe: false, } end let(:params) { default_params } let(:facts) { default_facts } it { is_expected.to contain_file('apache_rspec.example.com').with( ensure: 'present', content: 'foobar', path: '/usr/local/etc/apache24/Vhosts/25-rspec.example.com.conf', ) } end context 'on Gentoo systems' do let :default_facts do { osfamily: 'Gentoo', operatingsystem: 'Gentoo', operatingsystemrelease: '3.16.1-gentoo', id: 'root', kernel: 'Linux', path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/bin', is_pe: false, } end let(:params) { default_params } let(:facts) { default_facts } it { is_expected.to contain_file('apache_rspec.example.com').with( ensure: 'present', content: 'foobar', path: '/etc/apache2/vhosts.d/25-rspec.example.com.conf', ) } end end end diff --git a/spec/defines/vhost_fragment_spec.rb b/spec/defines/vhost_fragment_spec.rb index 2db780d2..886c71f0 100644 --- a/spec/defines/vhost_fragment_spec.rb +++ b/spec/defines/vhost_fragment_spec.rb @@ -1,117 +1,119 @@ +# frozen_string_literal: true + require 'spec_helper' describe 'apache::vhost::fragment' do on_supported_os.each do |os, os_facts| context "on #{os}" do let(:facts) { os_facts } let(:title) { 'myfragment' } context 'adding to the default vhost' do let(:pre_condition) { 'include apache' } let(:params) do { vhost: 'default', priority: '15', } end context 'with content' do let(:params) { super().merge(content: '# Foo') } it 'creates a vhost concat fragment' do is_expected.to compile.with_all_deps is_expected.to contain_concat('15-default.conf') is_expected.to create_concat__fragment('default-myfragment') .with_target('15-default.conf') .with_order(900) .with_content('# Foo') end end context 'without content' do let(:params) { super().merge(content: '') } it 'does not create a vhost concat fragment' do is_expected.to compile.with_all_deps is_expected.to contain_concat('15-default.conf') is_expected.not_to contain_concat__fragment('default-myfragment') end end end context 'adding to a custom vhost' do let(:params) do { vhost: 'custom', content: '# Foo', } end context 'with priority => false' do let(:params) { super().merge(priority: false) } let(:pre_condition) do <<-PUPPET include apache apache::vhost { 'custom': docroot => '/path/to/docroot', priority => false, } PUPPET end it 'creates a vhost concat fragment' do is_expected.to compile.with_all_deps is_expected.to contain_concat('custom.conf') is_expected.to create_concat__fragment('custom-myfragment') .with_target('custom.conf') .with_order(900) .with_content('# Foo') end end context 'with priority => 42' do let(:params) { super().merge(priority: '42') } let(:pre_condition) do <<-PUPPET include apache apache::vhost { 'custom': docroot => '/path/to/docroot', priority => '42', } PUPPET end it 'creates a vhost concat fragment' do is_expected.to compile.with_all_deps is_expected.to contain_concat('42-custom.conf') is_expected.to create_concat__fragment('custom-myfragment') .with_target('42-custom.conf') .with_order(900) .with_content('# Foo') end end context 'with default priority' do let(:pre_condition) do <<-PUPPET include apache apache::vhost { 'custom': docroot => '/path/to/docroot', } PUPPET end it 'creates a vhost concat fragment' do is_expected.to compile.with_all_deps is_expected.to contain_concat('25-custom.conf') is_expected.to create_concat__fragment('custom-myfragment') .with_target('25-custom.conf') .with_order(900) .with_content('# Foo') end end end end end end diff --git a/spec/defines/vhost_spec.rb b/spec/defines/vhost_spec.rb index b970f400..a6ce2b29 100644 --- a/spec/defines/vhost_spec.rb +++ b/spec/defines/vhost_spec.rb @@ -1,2500 +1,2502 @@ +# frozen_string_literal: true + require 'spec_helper' describe 'apache::vhost', type: :define do describe 'os-independent items' do on_supported_os.each do |os, facts| # this setup uses fastcgi wich isn't available on RHEL 7 / RHEL 8 / Ubuntu 18.04 next if facts[:os]['release']['major'] == '18.04' || facts[:os]['release']['major'] == '20.04' next if (facts[:os]['release']['major'] == '7' || facts[:os]['release']['major'] == '8') && facts[:os]['family']['RedHat'] # next if facts[:os]['name'] == 'SLES' apache_name = case facts[:os]['family'] when 'RedHat' 'httpd' when 'Debian' 'apache2' else 'apache2' end let :pre_condition do "class {'apache': default_vhost => false, default_mods => false, vhost_enable_dir => '/etc/#{apache_name}/sites-enabled'}" end let :title do 'rspec.example.com' end let :default_params do { docroot: '/rspec/docroot', port: '84', } end context "on #{os} " do let :facts do facts end describe 'basic assumptions' do let(:params) { default_params } it { is_expected.to contain_class('apache') } it { is_expected.to contain_class('apache::params') } it { is_expected.to contain_apache__listen(params[:port]) } # namebased virualhost is only created on apache 2.2 and older if (facts[:os]['family'] == 'RedHat' && facts[:os]['release']['major'].to_i < 8) || (facts[:os]['name'] == 'Amazon') || (facts[:os]['name'] == 'SLES' && facts[:os]['release']['major'].to_i < 12) it { is_expected.to contain_apache__namevirtualhost("*:#{params[:port]}") } end end context 'set everything!' do let :params do { 'docroot' => '/var/www/foo', 'manage_docroot' => false, 'virtual_docroot' => true, 'port' => '8080', 'ip' => '127.0.0.1', 'ip_based' => true, 'add_listen' => false, 'docroot_owner' => 'user', 'docroot_group' => 'wheel', 'docroot_mode' => '0664', 'serveradmin' => 'foo@localhost', 'ssl' => true, 'ssl_cert' => '/ssl/cert', 'ssl_key' => '/ssl/key', 'ssl_chain' => '/ssl/chain', 'ssl_crl_path' => '/ssl/crl', 'ssl_crl' => 'foo.crl', 'ssl_certs_dir' => '/ssl/certs', 'ssl_protocol' => 'SSLv2', 'ssl_cipher' => 'HIGH', 'ssl_honorcipherorder' => 'Off', 'ssl_verify_client' => 'optional', 'ssl_verify_depth' => '3', 'ssl_options' => '+ExportCertData', 'ssl_openssl_conf_cmd' => 'DHParameters "foo.pem"', 'ssl_proxy_verify' => 'require', 'ssl_proxy_check_peer_cn' => 'on', 'ssl_proxy_check_peer_name' => 'on', 'ssl_proxy_check_peer_expire' => 'on', 'ssl_proxyengine' => true, 'ssl_proxy_cipher_suite' => 'HIGH', 'ssl_proxy_protocol' => 'TLSv1.2', 'ssl_user_name' => 'SSL_CLIENT_S_DN_CN', 'priority' => '30', 'default_vhost' => true, 'servername' => 'example.com', 'serveraliases' => ['test-example.com'], 'options' => ['MultiView'], 'override' => ['All'], 'directoryindex' => 'index.html', 'vhost_name' => 'test', 'logroot' => '/var/www/logs', 'logroot_ensure' => 'directory', 'logroot_mode' => '0600', 'logroot_owner' => 'root', 'logroot_group' => 'root', 'log_level' => 'crit', 'access_log' => false, 'access_log_file' => 'httpd_access_log', 'access_log_syslog' => true, 'access_log_format' => '%h %l %u %t \"%r\" %>s %b', 'access_log_env_var' => '', 'aliases' => '/image', 'directories' => [ { 'path' => '/var/www/files', 'provider' => 'files', 'require' => ['valid-user', 'all denied'], }, { 'path' => '/var/www/files', 'provider' => 'files', 'additional_includes' => ['/custom/path/includes', '/custom/path/another_includes'], }, { 'path' => '/var/www/files', 'provider' => 'files', 'require' => 'all granted', }, { 'path' => '/var/www/files', 'provider' => 'files', 'require' => { 'enforce' => 'all', 'requires' => ['all-valid1', 'all-valid2'], }, }, { 'path' => '/var/www/files', 'provider' => 'files', 'require' => { 'enforce' => 'none', 'requires' => ['none-valid1', 'none-valid2'], }, }, { 'path' => '/var/www/files', 'provider' => 'files', 'require' => { 'enforce' => 'any', 'requires' => ['any-valid1', 'any-valid2'], }, }, { 'path' => '*', 'provider' => 'proxy', }, { 'path' => '/var/www/files/indexed_directory', 'directoryindex' => 'disabled', 'options' => ['Indexes', 'FollowSymLinks', 'MultiViews'], 'index_options' => ['FancyIndexing'], 'index_style_sheet' => '/styles/style.css' }, { 'path' => '/var/www/files/output_filtered', 'set_output_filter' => 'output_filter' }, { 'path' => '/var/www/files/input_filtered', 'set_input_filter' => 'input_filter' }, { 'path' => '/var/www/files', 'provider' => 'location', 'limit' => [ { 'methods' => 'GET HEAD', 'require' => ['valid-user'] }, ] }, { 'path' => '/var/www/files', 'provider' => 'location', 'limit_except' => [ { 'methods' => 'GET HEAD', 'require' => ['valid-user'] }, ] }, { 'path' => '/var/www/dav', 'dav' => 'filesystem', 'dav_depth_infinity' => true, 'dav_min_timeout' => '600' }, { 'path' => '/var/www/http2', 'h2_copy_files' => true, 'h2_push_resource' => [ '/foo.css', '/foo.js', ], }, { 'path' => '/', 'provider' => 'location', 'auth_ldap_referrals' => 'off', }, { 'path' => '/proxy', 'provider' => 'location', 'proxy_pass' => [ { 'url' => 'http://backend-b/', 'keywords' => ['noquery', 'interpolate'], 'params' => { 'retry' => '0', 'timeout' => '5', }, }, ], }, { 'path' => '/var/www/node-app/public', 'passenger_enabled' => true, 'passenger_base_uri' => '/app', 'passenger_ruby' => '/path/to/ruby', 'passenger_python' => '/path/to/python', 'passenger_nodejs' => '/path/to/nodejs', 'passenger_meteor_app_settings' => '/path/to/file.json', 'passenger_app_env' => 'demo', 'passenger_app_root' => '/var/www/node-app', 'passenger_app_group_name' => 'foo_bar', 'passenger_app_start_command' => 'start-command', 'passenger_app_type' => 'node', 'passenger_startup_file' => 'start.js', 'passenger_restart_dir' => 'temp', 'passenger_load_shell_envvars' => false, 'passenger_rolling_restarts' => false, 'passenger_resist_deployment_errors' => false, 'passenger_user' => 'nodeuser', 'passenger_group' => 'nodegroup', 'passenger_friendly_error_pages' => true, 'passenger_min_instances' => 7, 'passenger_max_instances' => 9, 'passenger_force_max_concurrent_requests_per_process' => 12, 'passenger_start_timeout' => 10, 'passenger_concurrency_model' => 'thread', 'passenger_thread_count' => 20, 'passenger_max_requests' => 2000, 'passenger_max_request_time' => 1, 'passenger_memory_limit' => 32, 'passenger_high_performance' => false, 'passenger_buffer_upload' => false, 'passenger_buffer_response' => false, 'passenger_error_override' => false, 'passenger_max_request_queue_size' => 120, 'passenger_max_request_queue_time' => 5, 'passenger_sticky_sessions' => true, 'passenger_sticky_sessions_cookie_name' => '_delicious_cookie', 'passenger_sticky_sessions_cookie_attributes' => 'SameSite=Lax; Secure;', 'passenger_allow_encoded_slashes' => false, 'passenger_app_log_file' => '/tmp/app.log', 'passenger_debugger' => false, 'gssapi' => { 'credstore' => 'keytab:/foo/bar.keytab', 'localname' => 'On', 'sslonly' => 'Off', }, }, { 'path' => '/private_1', 'provider' => 'location', 'ssl_options' => ['+ExportCertData', '+StdEnvVars'], 'ssl_verify_client' => 'optional', 'ssl_verify_depth' => '10', }, ], 'error_log' => false, 'error_log_file' => 'httpd_error_log', 'error_log_syslog' => true, 'error_log_format' => ['[%t] [%l] %7F: %E: [client\ %a] %M% ,\ referer\ %{Referer}i'], 'error_documents' => 'true', 'fallbackresource' => '/index.php', 'scriptalias' => '/usr/lib/cgi-bin', 'scriptaliases' => [ { 'alias' => '/myscript', 'path' => '/usr/share/myscript', }, { 'aliasmatch' => '^/foo(.*)', 'path' => '/usr/share/fooscripts$1', }, ], 'limitreqfieldsize' => 8190, 'limitreqfields' => 100, 'limitreqline' => 8190, 'limitreqbody' => 0, 'proxy_dest' => '/', 'proxy_pass' => [ { 'path' => '/a', 'url' => 'http://backend-a/', 'keywords' => ['noquery', 'interpolate'], 'no_proxy_uris' => ['/a/foo', '/a/bar'], 'no_proxy_uris_match' => ['/a/foomatch'], 'reverse_cookies' => [ { 'path' => '/a', 'url' => 'http://backend-a/', }, { 'domain' => 'foo', 'url' => 'http://foo', }, ], 'params' => { 'retry' => '0', 'timeout' => '5', }, 'setenv' => ['proxy-nokeepalive 1', 'force-proxy-request-1.0 1'], }, ], 'proxy_pass_match' => [ { 'path' => '/a', 'url' => 'http://backend-a/', 'keywords' => ['noquery', 'interpolate'], 'no_proxy_uris' => ['/a/foo', '/a/bar'], 'no_proxy_uris_match' => ['/a/foomatch'], 'params' => { 'retry' => '0', 'timeout' => '5', }, 'setenv' => ['proxy-nokeepalive 1', 'force-proxy-request-1.0 1'], }, ], 'proxy_requests' => false, 'suphp_addhandler' => 'foo', 'suphp_engine' => 'on', 'suphp_configpath' => '/var/www/html', 'php_admin_flags' => ['foo', 'bar'], 'php_admin_values' => ['true', 'false'], 'no_proxy_uris' => '/foo', 'no_proxy_uris_match' => '/foomatch', 'proxy_preserve_host' => true, 'proxy_add_headers' => true, 'proxy_error_override' => true, 'redirect_source' => '/bar', 'redirect_dest' => '/', 'redirect_status' => 'temp', 'redirectmatch_status' => ['404'], 'redirectmatch_regexp' => ['\.git$'], 'redirectmatch_dest' => ['http://www.example.com'], 'headers' => 'Set X-Robots-Tag "noindex, noarchive, nosnippet"', 'request_headers' => ['append MirrorID "mirror 12"'], 'rewrites' => [ { 'rewrite_rule' => ['^index\.html$ welcome.html'], }, ], 'filters' => [ 'FilterDeclare COMPRESS', 'FilterProvider COMPRESS DEFLATE resp=Content-Type $text/html', 'FilterProvider COMPRESS DEFLATE resp=Content-Type $text/css', 'FilterProvider COMPRESS DEFLATE resp=Content-Type $text/plain', 'FilterProvider COMPRESS DEFLATE resp=Content-Type $text/xml', 'FilterChain COMPRESS', 'FilterProtocol COMPRESS DEFLATE change=yes;byteranges=no', ], 'rewrite_base' => '/', 'rewrite_rule' => '^index\.html$ welcome.html', 'rewrite_cond' => '%{HTTP_USER_AGENT} ^MSIE', 'rewrite_inherit' => true, 'setenv' => ['FOO=/bin/true'], 'setenvif' => 'Request_URI "\.gif$" object_is_image=gif', 'setenvifnocase' => 'REMOTE_ADDR ^127.0.0.1 localhost=true', 'block' => 'scm', 'wsgi_application_group' => '%{GLOBAL}', 'wsgi_daemon_process' => { 'foo' => { 'python-home' => '/usr' }, 'bar' => {} }, 'wsgi_daemon_process_options' => { 'processes' => '2', 'threads' => '15', 'display-name' => '%{GROUP}', }, 'wsgi_import_script' => '/var/www/demo.wsgi', 'wsgi_import_script_options' => { 'process-group' => 'wsgi', 'application-group' => '%{GLOBAL}', }, 'wsgi_process_group' => 'wsgi', 'wsgi_script_aliases' => { '/' => '/var/www/demo.wsgi', }, 'wsgi_script_aliases_match' => { '^/test/(^[/*)' => '/var/www/demo.wsgi', }, 'wsgi_pass_authorization' => 'On', 'custom_fragment' => '#custom string', 'itk' => { 'user' => 'someuser', 'group' => 'somegroup', }, 'wsgi_chunked_request' => 'On', 'action' => 'foo', 'fastcgi_server' => 'localhost', 'fastcgi_socket' => '/tmp/fastcgi.socket', 'fastcgi_dir' => '/tmp', 'fastcgi_idle_timeout' => '120', 'additional_includes' => '/custom/path/includes', 'apache_version' => '2.4', 'use_optional_includes' => true, 'suexec_user_group' => 'root root', 'allow_encoded_slashes' => 'nodecode', 'use_canonical_name' => 'dns', 'h2_copy_files' => false, 'h2_direct' => true, 'h2_early_hints' => false, 'h2_max_session_streams' => 100, 'h2_modern_tls_only' => true, 'h2_push' => true, 'h2_push_diary_size' => 256, 'h2_push_priority' => [ 'application/json 32', ], 'h2_push_resource' => [ '/css/main.css', '/js/main.js', ], 'h2_serialize_headers' => false, 'h2_stream_max_mem_size' => 65_536, 'h2_tls_cool_down_secs' => 1, 'h2_tls_warm_up_size' => 1_048_576, 'h2_upgrade' => true, 'h2_window_size' => 65_535, 'passenger_enabled' => false, 'passenger_base_uri' => '/app', 'passenger_ruby' => '/usr/bin/ruby1.9.1', 'passenger_python' => '/usr/local/bin/python', 'passenger_nodejs' => '/usr/bin/node', 'passenger_meteor_app_settings' => '/path/to/some/file.json', 'passenger_app_env' => 'test', 'passenger_app_root' => '/usr/share/myapp', 'passenger_app_group_name' => 'app_customer', 'passenger_app_start_command' => 'start-my-app', 'passenger_app_type' => 'rack', 'passenger_startup_file' => 'bin/www', 'passenger_restart_dir' => 'tmp', 'passenger_spawn_method' => 'direct', 'passenger_load_shell_envvars' => false, 'passenger_rolling_restarts' => false, 'passenger_resist_deployment_errors' => true, 'passenger_user' => 'sandbox', 'passenger_group' => 'sandbox', 'passenger_friendly_error_pages' => false, 'passenger_min_instances' => 1, 'passenger_max_instances' => 30, 'passenger_max_preloader_idle_time' => 600, 'passenger_force_max_concurrent_requests_per_process' => 10, 'passenger_start_timeout' => 600, 'passenger_concurrency_model' => 'thread', 'passenger_thread_count' => 5, 'passenger_max_requests' => 1000, 'passenger_max_request_time' => 2, 'passenger_memory_limit' => 64, 'passenger_stat_throttle_rate' => 5, 'passenger_pre_start' => 'http://localhost/myapp', 'passenger_high_performance' => true, 'passenger_buffer_upload' => false, 'passenger_buffer_response' => false, 'passenger_error_override' => true, 'passenger_max_request_queue_size' => 10, 'passenger_max_request_queue_time' => 2, 'passenger_sticky_sessions' => true, 'passenger_sticky_sessions_cookie_name' => '_nom_nom_nom', 'passenger_sticky_sessions_cookie_attributes' => 'Nom=nom; Secure;', 'passenger_allow_encoded_slashes' => true, 'passenger_app_log_file' => '/app/log/file', 'passenger_debugger' => true, 'passenger_lve_min_uid' => 500, 'add_default_charset' => 'UTF-8', 'jk_mounts' => [ { 'mount' => '/*', 'worker' => 'tcnode1' }, { 'unmount' => '/*.jpg', 'worker' => 'tcnode1' }, ], 'auth_kerb' => true, 'krb_method_negotiate' => 'off', 'krb_method_k5passwd' => 'off', 'krb_authoritative' => 'off', 'krb_auth_realms' => ['EXAMPLE.ORG', 'EXAMPLE.NET'], 'krb_5keytab' => '/tmp/keytab5', 'krb_local_user_mapping' => 'off', 'http_protocol_options' => 'Strict LenientMethods Allow0.9', 'keepalive' => 'on', 'keepalive_timeout' => '100', 'max_keepalive_requests' => '1000', 'protocols' => ['h2', 'http/1.1'], 'protocols_honor_order' => true, 'auth_oidc' => true, 'oidc_settings' => { 'ProviderMetadataURL' => 'https://login.example.com/.well-known/openid-configuration', 'ClientID' => 'test', 'RedirectURI' => 'https://login.example.com/redirect_uri', 'ProviderTokenEndpointAuth' => 'client_secret_basic', 'RemoteUserClaim' => 'sub', 'ClientSecret' => 'aae053a9-4abf-4824-8956-e94b2af335c8', 'CryptoPassphrase' => '4ad1bb46-9979-450e-ae58-c696967df3cd' }, 'mdomain' => 'example.com example.net auto', } end it { is_expected.to compile } it { is_expected.not_to contain_file('/var/www/foo') } it { is_expected.to contain_class('apache::mod::ssl') } it { is_expected.to contain_file('ssl.conf').with( content: %r{^\s+SSLHonorCipherOrder On$}, ) } it { is_expected.to contain_file('ssl.conf').with( content: %r{^\s+SSLPassPhraseDialog builtin$}, ) } it { is_expected.to contain_file('ssl.conf').with( content: %r{^\s+SSLSessionCacheTimeout 300$}, ) } it { is_expected.to contain_class('apache::mod::mime') } it { is_expected.to contain_class('apache::mod::vhost_alias') } it { is_expected.to contain_class('apache::mod::wsgi') } it { is_expected.to contain_class('apache::mod::suexec') } it { is_expected.to contain_class('apache::mod::passenger') } it { is_expected.to contain_file('/var/www/logs').with('ensure' => 'directory', 'mode' => '0600') } it { is_expected.to contain_class('apache::mod::rewrite') } it { is_expected.to contain_class('apache::mod::alias') } it { is_expected.to contain_class('apache::mod::proxy') } it { is_expected.to contain_class('apache::mod::proxy_http') } it { is_expected.to contain_class('apache::mod::fastcgi') } it { is_expected.to contain_class('apache::mod::headers') } it { is_expected.to contain_class('apache::mod::filter') } it { is_expected.to contain_class('apache::mod::env') } it { is_expected.to contain_class('apache::mod::setenvif') } it { is_expected.to contain_concat('30-rspec.example.com.conf').with('owner' => 'root', 'mode' => '0644', 'require' => 'Package[httpd]', 'notify' => 'Class[Apache::Service]') } if facts[:os]['release']['major'].to_i >= 18 && facts[:os]['name'] == 'Ubuntu' it { is_expected.to contain_file('30-rspec.example.com.conf symlink').with('ensure' => 'link', 'path' => "/etc/#{apache_name}/sites-enabled/30-rspec.example.com.conf") } end it { is_expected.to contain_concat__fragment('rspec.example.com-apache-header') } it { is_expected.to contain_concat__fragment('rspec.example.com-apache-header').with( content: %r{^\s+LimitRequestFieldSize 8190$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-apache-header').with( content: %r{^\s+LimitRequestFields 100$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-apache-header').with( content: %r{^\s+LimitRequestLine 8190$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-apache-header').with( content: %r{^\s+LimitRequestBody 0$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-docroot') } it { is_expected.to contain_concat__fragment('rspec.example.com-aliases') } it { is_expected.to contain_concat__fragment('rspec.example.com-itk') } it { is_expected.to contain_concat__fragment('rspec.example.com-fallbackresource') } it { is_expected.to contain_concat__fragment('rspec.example.com-directories') } it { is_expected.to contain_concat__fragment('rspec.example.com-directories').with( content: %r{^\s+$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-directories').with( content: %r{^\s+Include\s'\/custom\/path\/includes'$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-directories').with( content: %r{^\s+Include\s'\/custom\/path\/another_includes'$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-directories').with( content: %r{^\s+H2CopyFiles\sOn$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-directories').with( content: %r{^\s+H2PushResource\s/foo.css$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-directories').with( content: %r{^\s+H2PushResource\s/foo.js$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-directories').with( content: %r{^\s+Require valid-user$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-directories').with( content: %r{^\s+Require all denied$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-directories').with( content: %r{^\s+Require all granted$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-directories').with( content: %r{^\s+$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-directories').with( content: %r{^\s+<\/RequireAll>$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-directories').with( content: %r{^\s+Require all-valid1$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-directories').with( content: %r{^\s+Require all-valid2$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-directories').with( content: %r{^\s+$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-directories').with( content: %r{^\s+<\/RequireNone>$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-directories').with( content: %r{^\s+Require none-valid1$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-directories').with( content: %r{^\s+Require none-valid2$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-directories').with( content: %r{^\s+$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-directories').with( content: %r{^\s+<\/RequireAny>$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-directories').with( content: %r{^\s+Require any-valid1$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-directories').with( content: %r{^\s+Require any-valid2$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-directories').with( content: %r{^\s+LDAPReferrals off$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-directories').with( content: %r{^\s+ProxyPass http://backend-b/ retry=0 timeout=5 noquery interpolate$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-directories').with( content: %r{^\s+Options\sIndexes\sFollowSymLinks\sMultiViews$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-directories').with( content: %r{^\s+IndexOptions\sFancyIndexing$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-directories').with( content: %r{^\s+IndexStyleSheet\s'\/styles\/style\.css'$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-directories').with( content: %r{^\s+DirectoryIndex\sdisabled$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-directories').with( content: %r{^\s+SetOutputFilter\soutput_filter$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-directories').with( content: %r{^\s+SetInputFilter\sinput_filter$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-directories').with( content: %r{^\s+$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-directories').with( content: %r{\s+\s*Require valid-user\s*<\/Limit>}m, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-directories').with( content: %r{^\s+$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-directories').with( content: %r{\s+\s*Require valid-user\s*<\/LimitExcept>}m, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-directories').with( content: %r{^\s+Dav\sfilesystem$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-directories').with( content: %r{^\s+DavDepthInfinity\sOn$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-directories').with( content: %r{^\s+DavMinTimeout\s600$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-directories').with( content: %r{^\s+PassengerEnabled\sOn$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-directories').with( content: %r{^\s+PassengerBaseURI\s/app$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-directories').with( content: %r{^\s+PassengerRuby\s/path/to/ruby$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-directories').with( content: %r{^\s+PassengerPython\s/path/to/python$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-directories').with( content: %r{^\s+PassengerNodejs\s/path/to/nodejs$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-directories').with( content: %r{^\s+PassengerMeteorAppSettings\s/path/to/file\.json$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-directories').with( content: %r{^\s+PassengerAppEnv\sdemo$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-directories').with( content: %r{^\s+PassengerAppRoot\s/var/www/node-app$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-directories').with( content: %r{^\s+PassengerAppGroupName\sfoo_bar$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-directories').with( content: %r{^\s+PassengerAppType\snode$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-directories').with( content: %r{^\s+PassengerStartupFile\sstart\.js$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-directories').with( content: %r{^\s+PassengerRestartDir\stemp$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-directories').with( content: %r{^\s+PassengerLoadShellEnvvars\sOff$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-directories').with( content: %r{^\s+PassengerRollingRestarts\sOff$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-directories').with( content: %r{^\s+PassengerResistDeploymentErrors\sOff$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-directories').with( content: %r{^\s+PassengerUser\snodeuser$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-directories').with( content: %r{^\s+PassengerGroup\snodegroup$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-directories').with( content: %r{^\s+PassengerFriendlyErrorPages\sOn$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-directories').with( content: %r{^\s+PassengerMinInstances\s7$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-directories').with( content: %r{^\s+PassengerMaxInstances\s9$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-directories').with( content: %r{^\s+PassengerForceMaxConcurrentRequestsPerProcess\s12$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-directories').with( content: %r{^\s+PassengerStartTimeout\s10$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-directories').with( content: %r{^\s+PassengerConcurrencyModel\sthread$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-directories').with( content: %r{^\s+PassengerThreadCount\s20$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-directories').with( content: %r{^\s+PassengerMaxRequests\s2000$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-directories').with( content: %r{^\s+PassengerMaxRequestTime\s1$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-directories').with( content: %r{^\s+PassengerMemoryLimit\s32$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-directories').with( content: %r{^\s+PassengerHighPerformance\sOff$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-directories').with( content: %r{^\s+PassengerBufferUpload\sOff$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-directories').with( content: %r{^\s+PassengerBufferResponse\sOff$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-directories').with( content: %r{^\s+PassengerErrorOverride\sOff$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-directories').with( content: %r{^\s+PassengerMaxRequestQueueSize\s120$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-directories').with( content: %r{^\s+PassengerMaxRequestQueueTime\s5$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-directories').with( content: %r{^\s+PassengerStickySessions\sOn$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-directories').with( content: %r{^\s+PassengerStickySessionsCookieName\s_delicious_cookie$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-directories').with( content: %r{^\s+PassengerAllowEncodedSlashes\sOff$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-directories').with( content: %r{^\s+PassengerDebugger\sOff$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-directories').with( content: %r{^\s+GssapiCredStore\skeytab:/foo/bar.keytab$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-directories').with( content: %r{^\s+GssapiSSLonly\sOff$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-directories').with( content: %r{^\s+GssapiLocalName\sOn$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-directories').with( content: %r{^\s+SSLVerifyClient\soptional$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-directories').with( content: %r{^\s+SSLVerifyDepth\s10$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-additional_includes') } it { is_expected.to contain_concat__fragment('rspec.example.com-logging') } it { is_expected.to contain_concat__fragment('rspec.example.com-logging') .with_content(%r{^\s+ErrorLogFormat "\[%t\] \[%l\] %7F: %E: \[client\\ %a\] %M% ,\\ referer\\ %\{Referer\}i"$}) } it { is_expected.to contain_concat__fragment('rspec.example.com-serversignature') } it { is_expected.not_to contain_concat__fragment('rspec.example.com-access_log') } it { is_expected.to contain_concat__fragment('rspec.example.com-action') } it { is_expected.to contain_concat__fragment('rspec.example.com-block') } it { is_expected.to contain_concat__fragment('rspec.example.com-error_document') } it { is_expected.to contain_concat__fragment('rspec.example.com-proxy').with_content( %r{retry=0}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-proxy').with_content( %r{timeout=5}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-proxy').with_content( %r{SetEnv force-proxy-request-1.0 1}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-proxy').with_content( %r{SetEnv proxy-nokeepalive 1}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-proxy').with_content( %r{noquery interpolate}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-proxy').with_content( %r{ProxyPreserveHost On}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-proxy').with_content( %r{ProxyAddHeaders On}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-proxy').with_content( %r{ProxyPassReverseCookiePath\s+\/a\s+http:\/\/}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-proxy').with_content( %r{ProxyPassReverseCookieDomain\s+foo\s+http:\/\/foo}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-redirect') } it { is_expected.to contain_concat__fragment('rspec.example.com-rewrite') } it { is_expected.to contain_concat__fragment('rspec.example.com-rewrite').with( content: %r{^\s+RewriteOptions Inherit$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-scriptalias') } it { is_expected.to contain_concat__fragment('rspec.example.com-serveralias') } it { is_expected.to contain_concat__fragment('rspec.example.com-setenv').with_content( %r{SetEnv FOO=/bin/true}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-setenv').with_content( %r{SetEnvIf Request_URI "\\.gif\$" object_is_image=gif}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-setenv').with_content( %r{SetEnvIfNoCase REMOTE_ADDR \^127.0.0.1 localhost=true}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-ssl') } it { is_expected.to contain_concat__fragment('rspec.example.com-ssl').with( content: %r{^\s+SSLOpenSSLConfCmd\s+DHParameters "foo.pem"$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-ssl').with( content: %r{^\s+SSLUserName\s+SSL_CLIENT_S_DN_CN$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-sslproxy') } it { is_expected.to contain_concat__fragment('rspec.example.com-sslproxy').with( content: %r{^\s+SSLProxyEngine On$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-sslproxy').with( content: %r{^\s+SSLProxyCheckPeerCN\s+on$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-sslproxy').with( content: %r{^\s+SSLProxyCheckPeerName\s+on$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-sslproxy').with( content: %r{^\s+SSLProxyCheckPeerExpire\s+on$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-sslproxy').with( content: %r{^\s+SSLProxyCipherSuite\s+HIGH$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-sslproxy').with( content: %r{^\s+SSLProxyProtocol\s+TLSv1.2$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-suphp') } it { is_expected.to contain_concat__fragment('rspec.example.com-php_admin') } it { is_expected.to contain_concat__fragment('rspec.example.com-header') } it { is_expected.to contain_concat__fragment('rspec.example.com-filters').with( content: %r{^\s+FilterDeclare COMPRESS$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-requestheader') } it { is_expected.to contain_concat__fragment('rspec.example.com-wsgi') } it { is_expected.to contain_concat__fragment('rspec.example.com-custom_fragment') } it { is_expected.to contain_concat__fragment('rspec.example.com-fastcgi') } it { is_expected.to contain_concat__fragment('rspec.example.com-suexec') } it { is_expected.to contain_concat__fragment('rspec.example.com-allow_encoded_slashes') } it { is_expected.to contain_concat__fragment('rspec.example.com-passenger') } it { is_expected.to contain_concat__fragment('rspec.example.com-charsets') } it { is_expected.not_to contain_concat__fragment('rspec.example.com-security') } it { is_expected.to contain_concat__fragment('rspec.example.com-file_footer') } it { is_expected.to contain_concat__fragment('rspec.example.com-jk_mounts').with( content: %r{^\s+JkMount\s+\/\*\s+tcnode1$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-jk_mounts').with( content: %r{^\s+JkUnMount\s+\/\*\.jpg\s+tcnode1$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-auth_kerb').with( content: %r{^\s+KrbMethodNegotiate\soff$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-auth_kerb').with( content: %r{^\s+KrbAuthoritative\soff$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-auth_kerb').with( content: %r{^\s+KrbAuthRealms\sEXAMPLE.ORG\sEXAMPLE.NET$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-auth_kerb').with( content: %r{^\s+Krb5Keytab\s\/tmp\/keytab5$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-auth_kerb').with( content: %r{^\s+KrbLocalUserMapping\soff$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-auth_kerb').with( content: %r{^\s+KrbServiceName\sHTTP$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-auth_kerb').with( content: %r{^\s+KrbSaveCredentials\soff$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-auth_kerb').with( content: %r{^\s+KrbVerifyKDC\son$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-http_protocol_options').with( content: %r{^\s*HttpProtocolOptions\s+Strict\s+LenientMethods\s+Allow0\.9$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-keepalive_options').with( content: %r{^\s+KeepAlive\son$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-keepalive_options').with( content: %r{^\s+KeepAliveTimeout\s100$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-keepalive_options').with( content: %r{^\s+MaxKeepAliveRequests\s1000$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-apache-header').with( content: %r{^\s+Protocols\sh2 http/1.1$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-apache-header').with( content: %r{^\s+ProtocolsHonorOrder\sOn$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-http2').with( content: %r{^\s+H2CopyFiles\sOff$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-http2').with( content: %r{^\s+H2Direct\sOn$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-http2').with( content: %r{^\s+H2EarlyHints\sOff$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-http2').with( content: %r{^\s+H2MaxSessionStreams\s100$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-http2').with( content: %r{^\s+H2ModernTLSOnly\sOn$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-http2').with( content: %r{^\s+H2Push\sOn$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-http2').with( content: %r{^\s+H2PushDiarySize\s256$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-http2').with( content: %r{^\s+H2PushPriority\sapplication/json 32$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-http2').with( content: %r{^\s+H2PushResource\s/css/main.css$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-http2').with( content: %r{^\s+H2PushResource\s/js/main.js$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-http2').with( content: %r{^\s+H2SerializeHeaders\sOff$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-http2').with( content: %r{^\s+H2StreamMaxMemSize\s65536$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-http2').with( content: %r{^\s+H2TLSCoolDownSecs\s1$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-http2').with( content: %r{^\s+H2TLSWarmUpSize\s1048576$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-http2').with( content: %r{^\s+H2Upgrade\sOn$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-http2').with( content: %r{^\s+H2WindowSize\s65535$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-passenger').with( content: %r{^\s+PassengerEnabled\sOff$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-passenger').with( content: %r{^\s+PassengerBaseURI\s/app$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-passenger').with( content: %r{^\s+PassengerRuby\s/usr/bin/ruby1\.9\.1$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-passenger').with( content: %r{^\s+PassengerPython\s/usr/local/bin/python$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-passenger').with( content: %r{^\s+PassengerNodejs\s/usr/bin/node$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-passenger').with( content: %r{^\s+PassengerMeteorAppSettings\s/path/to/some/file.json$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-passenger').with( content: %r{^\s+PassengerAppEnv\stest$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-passenger').with( content: %r{^\s+PassengerAppRoot\s/usr/share/myapp$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-passenger').with( content: %r{^\s+PassengerAppGroupName\sapp_customer$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-passenger').with( content: %r{^\s+PassengerAppType\srack$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-passenger').with( content: %r{^\s+PassengerStartupFile\sbin/www$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-passenger').with( content: %r{^\s+PassengerRestartDir\stmp$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-passenger').with( content: %r{^\s+PassengerSpawnMethod\sdirect$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-passenger').with( content: %r{^\s+PassengerLoadShellEnvvars\sOff$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-passenger').with( content: %r{^\s+PassengerRollingRestarts\sOff$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-passenger').with( content: %r{^\s+PassengerResistDeploymentErrors\sOn$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-passenger').with( content: %r{^\s+PassengerUser\ssandbox$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-passenger').with( content: %r{^\s+PassengerGroup\ssandbox$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-passenger').with( content: %r{^\s+PassengerFriendlyErrorPages\sOff$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-passenger').with( content: %r{^\s+PassengerMinInstances\s1$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-passenger').with( content: %r{^\s+PassengerMaxInstances\s30$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-passenger').with( content: %r{^\s+PassengerMaxPreloaderIdleTime\s600$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-passenger').with( content: %r{^\s+PassengerForceMaxConcurrentRequestsPerProcess\s10$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-passenger').with( content: %r{^\s+PassengerStartTimeout\s600$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-passenger').with( content: %r{^\s+PassengerConcurrencyModel\sthread$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-passenger').with( content: %r{^\s+PassengerThreadCount\s5$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-passenger').with( content: %r{^\s+PassengerMaxRequests\s1000$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-passenger').with( content: %r{^\s+PassengerMaxRequestTime\s2$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-passenger').with( content: %r{^\s+PassengerMemoryLimit\s64$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-passenger').with( content: %r{^\s+PassengerStatThrottleRate\s5$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-file_footer').with( content: %r{^PassengerPreStart\shttp://localhost/myapp$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-passenger').with( content: %r{^\s+PassengerHighPerformance\sOn$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-passenger').with( content: %r{^\s+PassengerBufferUpload\sOff$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-passenger').with( content: %r{^\s+PassengerBufferResponse\sOff$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-passenger').with( content: %r{^\s+PassengerErrorOverride\sOn$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-passenger').with( content: %r{^\s+PassengerMaxRequestQueueSize\s10$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-passenger').with( content: %r{^\s+PassengerMaxRequestQueueTime\s2$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-passenger').with( content: %r{^\s+PassengerStickySessions\sOn$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-passenger').with( content: %r{^\s+PassengerStickySessionsCookieName\s_nom_nom_nom$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-passenger').with( content: %r{^\s+PassengerAllowEncodedSlashes\sOn$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-passenger').with( content: %r{^\s+PassengerDebugger\sOn$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-passenger').with( content: %r{^\s+PassengerLveMinUid\s500$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-auth_oidc').with( content: %r{^\s+OIDCProviderMetadataURL\shttps:\/\/login.example.com\/\.well-known\/openid-configuration$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-auth_oidc').with( content: %r{^\s+OIDCClientID\stest$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-auth_oidc').with( content: %r{^\s+OIDCRedirectURI\shttps:\/\/login\.example.com\/redirect_uri$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-auth_oidc').with( content: %r{^\s+OIDCProviderTokenEndpointAuth\sclient_secret_basic$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-auth_oidc').with( content: %r{^\s+OIDCRemoteUserClaim\ssub$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-auth_oidc').with( content: %r{^\s+OIDCClientSecret\saae053a9-4abf-4824-8956-e94b2af335c8$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-auth_oidc').with( content: %r{^\s+OIDCCryptoPassphrase\s4ad1bb46-9979-450e-ae58-c696967df3cd$}, ) } it { is_expected.to contain_class('apache::mod::md') } it { is_expected.to contain_concat__fragment('rspec.example.com-apache-header').with( content: %r{^MDomain example\.com example\.net auto$}, ) } end context 'vhost with multiple ip addresses' do let :params do { 'port' => '80', 'ip' => ['127.0.0.1', '::1'], 'ip_based' => true, 'servername' => 'example.com', 'docroot' => '/var/www/html', 'add_listen' => true, 'ensure' => 'present', } end it { is_expected.to compile } it { is_expected.to contain_concat__fragment('rspec.example.com-apache-header').with( content: %r{[.\/m]*[.\/m]*$}, ) } it { is_expected.to contain_concat__fragment('Listen 127.0.0.1:80') } it { is_expected.to contain_concat__fragment('Listen [::1]:80') } it { is_expected.not_to contain_concat__fragment('NameVirtualHost 127.0.0.1:80') } it { is_expected.not_to contain_concat__fragment('NameVirtualHost [::1]:80') } end context 'vhost with multiple ports' do let :params do { 'port' => ['80', '8080'], 'ip' => '127.0.0.1', 'ip_based' => true, 'servername' => 'example.com', 'docroot' => '/var/www/html', 'add_listen' => true, 'ensure' => 'present', } end it { is_expected.to compile } it { is_expected.to contain_concat__fragment('rspec.example.com-apache-header').with( content: %r{[.\/m]*[.\/m]*$}, ) } it { is_expected.to contain_concat__fragment('Listen 127.0.0.1:80') } it { is_expected.to contain_concat__fragment('Listen 127.0.0.1:8080') } it { is_expected.not_to contain_concat__fragment('NameVirtualHost 127.0.0.1:80') } it { is_expected.not_to contain_concat__fragment('NameVirtualHost 127.0.0.1:8080') } end context 'vhost with multiple ip addresses, multiple ports' do let :params do { 'port' => ['80', '8080'], 'ip' => ['127.0.0.1', '::1'], 'ip_based' => true, 'servername' => 'example.com', 'docroot' => '/var/www/html', 'add_listen' => true, 'ensure' => 'present', } end it { is_expected.to compile } it { is_expected.to contain_concat__fragment('rspec.example.com-apache-header').with( content: %r{[.\/m]*[.\/m]*$}, ) } it { is_expected.to contain_concat__fragment('Listen 127.0.0.1:80') } it { is_expected.to contain_concat__fragment('Listen 127.0.0.1:8080') } it { is_expected.to contain_concat__fragment('Listen [::1]:80') } it { is_expected.to contain_concat__fragment('Listen [::1]:8080') } it { is_expected.not_to contain_concat__fragment('NameVirtualHost 127.0.0.1:80') } it { is_expected.not_to contain_concat__fragment('NameVirtualHost 127.0.0.1:8080') } it { is_expected.not_to contain_concat__fragment('NameVirtualHost [::1]:80') } it { is_expected.not_to contain_concat__fragment('NameVirtualHost [::1]:8080') } end context 'vhost with ipv6 address' do let :params do { 'port' => '80', 'ip' => '::1', 'ip_based' => true, 'servername' => 'example.com', 'docroot' => '/var/www/html', 'add_listen' => true, 'ensure' => 'present', } end it { is_expected.to compile } it { is_expected.to contain_concat__fragment('rspec.example.com-apache-header').with( content: %r{[.\/m]*[.\/m]*$}, ) } it { is_expected.to contain_concat__fragment('Listen [::1]:80') } it { is_expected.not_to contain_concat__fragment('NameVirtualHost [::1]:80') } end context 'vhost with wildcard ip address' do let :params do { 'port' => '80', 'ip' => '*', 'ip_based' => true, 'servername' => 'example.com', 'docroot' => '/var/www/html', 'add_listen' => true, 'ensure' => 'present', } end it { is_expected.to compile } it { is_expected.to contain_concat__fragment('rspec.example.com-apache-header').with( content: %r{[.\/m]*[.\/m]*$}, ) } it { is_expected.to contain_concat__fragment('Listen *:80') } it { is_expected.not_to contain_concat__fragment('NameVirtualHost *:80') } end context 'modsec_audit_log' do let :params do { 'docroot' => '/rspec/docroot', 'modsec_audit_log' => true, } end it { is_expected.to compile } it { is_expected.to contain_concat__fragment('rspec.example.com-security').with( content: %r{^\s*SecAuditLog "\/var\/log\/#{apache_name}\/rspec\.example\.com_security\.log"$}, ) } end context 'modsec_audit_log_file' do let :params do { 'docroot' => '/rspec/docroot', 'modsec_audit_log_file' => 'foo.log', } end it { is_expected.to compile } it { is_expected.to contain_concat__fragment('rspec.example.com-security').with( content: %r{\s*SecAuditLog "\/var\/log\/#{apache_name}\/foo.log"$}, ) } end context 'set only aliases' do let :params do { 'docroot' => '/rspec/docroot', 'aliases' => [ { 'alias' => '/alias', 'path' => '/rspec/docroot', }, ], } end it { is_expected.to contain_class('apache::mod::alias') } end context 'proxy_pass_match' do let :params do { 'docroot' => '/rspec/docroot', 'proxy_pass_match' => [ { 'path' => '.*', 'url' => 'http://backend-a/', 'params' => { 'timeout' => 300 }, }, ], } end it { is_expected.to contain_concat__fragment('rspec.example.com-proxy').with_content( %r{ProxyPassMatch .* http:\/\/backend-a\/ timeout=300}, ).with_content(%r{## Proxy rules}) } end context 'proxy_dest_match' do let :params do { 'docroot' => '/rspec/docroot', 'proxy_dest_match' => '/', } end it { is_expected.to contain_concat__fragment('rspec.example.com-proxy').with_content(%r{## Proxy rules}) } end context 'not everything can be set together...' do let :params do { 'access_log_pipe' => '/dev/null', 'error_log_pipe' => '/dev/null', 'docroot' => '/var/www/foo', 'ensure' => 'absent', 'manage_docroot' => true, 'logroot' => '/tmp/logroot', 'logroot_ensure' => 'absent', 'directories' => [ { 'path' => '/var/www/files', 'provider' => 'files', 'allow' => ['from 127.0.0.1', 'from 127.0.0.2'], 'deny' => ['from 127.0.0.3', 'from 127.0.0.4'], 'satisfy' => 'any', }, { 'path' => '/var/www/foo', 'provider' => 'files', 'allow' => 'from 127.0.0.5', 'deny' => 'from all', 'order' => 'deny,allow', }, ], } end it { is_expected.to compile } it { is_expected.not_to contain_class('apache::mod::ssl') } it { is_expected.not_to contain_class('apache::mod::mime') } it { is_expected.not_to contain_class('apache::mod::vhost_alias') } it { is_expected.not_to contain_class('apache::mod::wsgi') } it { is_expected.not_to contain_class('apache::mod::passenger') } it { is_expected.not_to contain_class('apache::mod::suexec') } it { is_expected.not_to contain_class('apache::mod::rewrite') } it { is_expected.not_to contain_class('apache::mod::alias') } it { is_expected.not_to contain_class('apache::mod::proxy') } it { is_expected.not_to contain_class('apache::mod::proxy_http') } it { is_expected.not_to contain_class('apache::mod::headers') } it { is_expected.to contain_file('/var/www/foo') } it { is_expected.to contain_file('/tmp/logroot').with('ensure' => 'absent') } it { is_expected.to contain_concat('25-rspec.example.com.conf').with('ensure' => 'absent') } it { is_expected.to contain_concat__fragment('rspec.example.com-apache-header') } it { is_expected.to contain_concat__fragment('rspec.example.com-docroot') } it { is_expected.not_to contain_concat__fragment('rspec.example.com-aliases') } it { is_expected.not_to contain_concat__fragment('rspec.example.com-itk') } it { is_expected.not_to contain_concat__fragment('rspec.example.com-fallbackresource') } it { is_expected.to contain_concat__fragment('rspec.example.com-directories') } # the following style is only present on Apache 2.2 # That is used in SLES 11, RHEL6, Amazon Linux if (facts[:os]['family'] == 'RedHat' && facts[:os]['release']['major'].to_i < 7) || (facts[:os]['name'] == 'Amazon') || (facts[:os]['name'] == 'SLES' && facts[:os]['release']['major'].to_i < 12) it { is_expected.to contain_concat__fragment('rspec.example.com-directories').with( content: %r{^\s+Allow from 127\.0\.0\.1$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-directories').with( content: %r{^\s+Allow from 127\.0\.0\.2$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-directories').with( content: %r{^\s+Allow from 127\.0\.0\.5$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-directories').with( content: %r{^\s+Deny from 127\.0\.0\.3$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-directories').with( content: %r{^\s+Deny from 127\.0\.0\.4$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-directories').with( content: %r{^\s+Deny from all$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-directories').with( content: %r{^\s+Satisfy any$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-directories').with( content: %r{^\s+Order deny,allow$}, ) } end it { is_expected.not_to contain_concat__fragment('rspec.example.com-additional_includes') } it { is_expected.to contain_concat__fragment('rspec.example.com-logging') } it { is_expected.to contain_concat__fragment('rspec.example.com-serversignature') } it { is_expected.to contain_concat__fragment('rspec.example.com-access_log') } it { is_expected.not_to contain_concat__fragment('rspec.example.com-action') } it { is_expected.not_to contain_concat__fragment('rspec.example.com-block') } it { is_expected.not_to contain_concat__fragment('rspec.example.com-error_document') } it { is_expected.not_to contain_concat__fragment('rspec.example.com-proxy') } it { is_expected.not_to contain_concat__fragment('rspec.example.com-redirect') } it { is_expected.not_to contain_concat__fragment('rspec.example.com-rewrite') } it { is_expected.not_to contain_concat__fragment('rspec.example.com-scriptalias') } it { is_expected.not_to contain_concat__fragment('rspec.example.com-serveralias') } it { is_expected.not_to contain_concat__fragment('rspec.example.com-setenv') } it { is_expected.not_to contain_concat__fragment('rspec.example.com-ssl') } it { is_expected.not_to contain_concat__fragment('rspec.example.com-sslproxy') } it { is_expected.not_to contain_concat__fragment('rspec.example.com-suphp') } it { is_expected.not_to contain_concat__fragment('rspec.example.com-php_admin') } it { is_expected.not_to contain_concat__fragment('rspec.example.com-header') } it { is_expected.not_to contain_concat__fragment('rspec.example.com-requestheader') } it { is_expected.not_to contain_concat__fragment('rspec.example.com-wsgi') } it { is_expected.not_to contain_concat__fragment('rspec.example.com-custom_fragment') } it { is_expected.not_to contain_concat__fragment('rspec.example.com-fastcgi') } it { is_expected.not_to contain_concat__fragment('rspec.example.com-suexec') } it { is_expected.not_to contain_concat__fragment('rspec.example.com-charsets') } it { is_expected.not_to contain_concat__fragment('rspec.example.com-limits') } it { is_expected.to contain_concat__fragment('rspec.example.com-file_footer') } end context 'wsgi_application_group should set apache::mod::wsgi' do let :params do { 'docroot' => '/rspec/docroot', 'wsgi_application_group' => '%{GLOBAL}', } end it { is_expected.to contain_class('apache::mod::wsgi') } end context 'wsgi_daemon_process should set apache::mod::wsgi' do let :params do { 'docroot' => '/rspec/docroot', 'wsgi_daemon_process' => { 'foo' => { 'python-home' => '/usr' }, 'bar' => {} }, } end it { is_expected.to contain_class('apache::mod::wsgi') } end context 'wsgi_import_script on its own should not set apache::mod::wsgi' do let :params do { 'docroot' => '/rspec/docroot', 'wsgi_import_script' => '/var/www/demo.wsgi', } end it { is_expected.not_to contain_class('apache::mod::wsgi') } end context 'wsgi_import_script_options on its own should not set apache::mod::wsgi' do let :params do { 'docroot' => '/rspec/docroot', 'wsgi_import_script_options' => { 'process-group' => 'wsgi', 'application-group' => '%{GLOBAL}', }, } end it { is_expected.not_to contain_class('apache::mod::wsgi') } end context 'wsgi_import_script and wsgi_import_script_options should set apache::mod::wsgi' do let :params do { 'docroot' => '/rspec/docroot', 'wsgi_import_script' => '/var/www/demo.wsgi', 'wsgi_import_script_options' => { 'process-group' => 'wsgi', 'application-group' => '%{GLOBAL}', }, } end it { is_expected.to contain_class('apache::mod::wsgi') } end context 'wsgi_process_group should set apache::mod::wsgi' do let :params do { 'docroot' => '/rspec/docroot', 'wsgi_daemon_process' => 'wsgi', } end it { is_expected.to contain_class('apache::mod::wsgi') } end context 'wsgi_script_aliases with non-empty aliases should set apache::mod::wsgi' do let :params do { 'docroot' => '/rspec/docroot', 'wsgi_script_aliases' => { '/' => '/var/www/demo.wsgi', }, } end it { is_expected.to contain_class('apache::mod::wsgi') } end context 'wsgi_script_aliases with empty aliases should set apache::mod::wsgi' do let :params do { 'docroot' => '/rspec/docroot', 'wsgi_script_aliases' => {}, } end it { is_expected.not_to contain_class('apache::mod::wsgi') } end context 'wsgi_pass_authorization should set apache::mod::wsgi' do let :params do { 'docroot' => '/rspec/docroot', 'wsgi_pass_authorization' => 'On', } end it { is_expected.to contain_class('apache::mod::wsgi') } end context 'when not setting nor managing the docroot' do let :params do { 'docroot' => false, 'manage_docroot' => false, } end it { is_expected.to compile } it { is_expected.not_to contain_concat__fragment('rspec.example.com-docroot') } end context 'ssl_proxyengine without ssl' do let :params do { 'docroot' => '/rspec/docroot', 'ssl' => false, 'ssl_proxyengine' => true, } end it { is_expected.to compile } it { is_expected.not_to contain_concat__fragment('rspec.example.com-ssl') } it { is_expected.to contain_concat__fragment('rspec.example.com-sslproxy') } end context 'ssl_proxy_protocol without ssl_proxyengine' do let :params do { 'docroot' => '/rspec/docroot', 'ssl' => true, 'ssl_proxyengine' => false, 'ssl_proxy_protocol' => 'TLSv1.2', } end it { is_expected.to compile } it { is_expected.to contain_concat__fragment('rspec.example.com-ssl') } it { is_expected.not_to contain_concat__fragment('rspec.example.com-sslproxy') } end describe 'access logs' do context 'single log file' do let(:params) do { 'docroot' => '/rspec/docroot', 'access_log_file' => 'my_log_file', } end it { is_expected.to contain_concat__fragment('rspec.example.com-access_log').with( content: %r{^\s+CustomLog.*my_log_file" combined\s*$}, ) } end context 'single log file with environment' do let(:params) do { 'docroot' => '/rspec/docroot', 'access_log_file' => 'my_log_file', 'access_log_env_var' => 'prod', } end it { is_expected.to contain_concat__fragment('rspec.example.com-access_log').with( content: %r{^\s+CustomLog.*my_log_file" combined\s+env=prod$}, ) } end context 'multiple log files' do let(:params) do { 'docroot' => '/rspec/docroot', 'access_logs' => [ { 'file' => '/tmp/log1', 'env' => 'dev' }, { 'file' => 'log2' }, { 'syslog' => 'syslog', 'format' => '%h %l' }, ], } end it { is_expected.to contain_concat__fragment('rspec.example.com-access_log').with( content: %r{^\s+CustomLog "\/tmp\/log1"\s+combined\s+env=dev$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-access_log').with( content: %r{^\s+CustomLog "\/var\/log\/#{apache_name}\/log2"\s+combined\s*$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-access_log').with( content: %r{^\s+CustomLog "syslog" "%h %l"\s*$}, ) } end end # access logs describe 'error logs format' do context 'on Apache 2.2' do let(:params) do { 'docroot' => '/rspec/docroot', 'apache_version' => '2.2', 'error_log_format' => ['[%t] [%l] %7F: %E: [client\ %a] %M% ,\ referer\ %{Referer}i'], } end it { is_expected.to contain_concat__fragment('rspec.example.com-logging') .without_content(%r{ErrorLogFormat}) } end context 'single log format directive as a string' do let(:params) do { 'docroot' => '/rspec/docroot', 'apache_version' => '2.4', 'error_log_format' => ['[%t] [%l] %7F: %E: [client\ %a] %M% ,\ referer\ %{Referer}i'], } end it { is_expected.to contain_concat__fragment('rspec.example.com-logging').with( content: %r{^\s+ErrorLogFormat "\[%t\] \[%l\] %7F: %E: \[client\\ %a\] %M% ,\\ referer\\ %\{Referer\}i"$}, ) } end context 'multiple log format directives' do let(:params) do { 'docroot' => '/rspec/docroot', 'apache_version' => '2.4', 'error_log_format' => [ '[%{uc}t] [%-m:%-l] [R:%L] [C:%{C}L] %7F: %E: %M', { '[%{uc}t] [R:%L] Request %k on C:%{c}L pid:%P tid:%T' => 'request' }, { "[%{uc}t] [R:%L] UA:'%+{User-Agent}i'" => 'request' }, { "[%{uc}t] [R:%L] Referer:'%+{Referer}i'" => 'request' }, { '[%{uc}t] [C:%{c}L] local\ %a remote\ %A' => 'connection' }, ], } end it { is_expected.to contain_concat__fragment('rspec.example.com-logging').with( content: %r{^\s+ErrorLogFormat "\[%\{uc\}t\] \[%-m:%-l\] \[R:%L\] \[C:%\{C\}L\] %7F: %E: %M"$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-logging').with( content: %r{^\s+ErrorLogFormat request "\[%\{uc\}t\] \[R:%L\] Request %k on C:%\{c\}L pid:%P tid:%T"$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-logging').with( content: %r{^\s+ErrorLogFormat request "\[%\{uc\}t\] \[R:%L\] UA:'%\+\{User-Agent\}i'"$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-logging').with( content: %r{^\s+ErrorLogFormat request "\[%\{uc\}t\] \[R:%L\] Referer:'%\+\{Referer\}i'"$}, ) } it { is_expected.to contain_concat__fragment('rspec.example.com-logging').with( content: %r{^\s+ErrorLogFormat connection "\[%\{uc\}t\] \[C:%\{c\}L\] local\\ %a remote\\ %A"$}, ) } end end # error logs format describe 'validation' do context 'bad ensure' do let :params do { 'docroot' => '/rspec/docroot', 'ensure' => 'bogus', } end it { is_expected.to raise_error(Puppet::Error) } end context 'bad suphp_engine' do let :params do { 'docroot' => '/rspec/docroot', 'suphp_engine' => 'bogus', } end it { is_expected.to raise_error(Puppet::Error) } end context 'bad ip_based' do let :params do { 'docroot' => '/rspec/docroot', 'ip_based' => 'bogus', } end it { is_expected.to raise_error(Puppet::Error) } end context 'bad access_log' do let :params do { 'docroot' => '/rspec/docroot', 'access_log' => 'bogus', } end it { is_expected.to raise_error(Puppet::Error) } end context 'bad error_log' do let :params do { 'docroot' => '/rspec/docroot', 'error_log' => 'bogus', } end it { is_expected.to raise_error(Puppet::Error) } end context 'bad_ssl' do let :params do { 'docroot' => '/rspec/docroot', 'ssl' => 'bogus', } end it { is_expected.to raise_error(Puppet::Error) } end context 'bad default_vhost' do let :params do { 'docroot' => '/rspec/docroot', 'default_vhost' => 'bogus', } end it { is_expected.to raise_error(Puppet::Error) } end context 'bad ssl_proxyengine' do let :params do { 'docroot' => '/rspec/docroot', 'ssl_proxyengine' => 'bogus', } end it { is_expected.to raise_error(Puppet::Error) } end context 'bad rewrites' do let :params do { 'docroot' => '/rspec/docroot', 'rewrites' => 'bogus', } end it { is_expected.to raise_error(Puppet::Error) } end context 'bad rewrites 2' do let :params do { 'docroot' => '/rspec/docroot', 'rewrites' => ['bogus'], } end it { is_expected.to raise_error(Puppet::Error) } end context 'empty rewrites' do let :params do { 'docroot' => '/rspec/docroot', 'rewrites' => [], } end it { is_expected.to compile } end context 'bad suexec_user_group' do let :params do { 'docroot' => '/rspec/docroot', 'suexec_user_group' => 'bogus', } end it { is_expected.to raise_error(Puppet::Error) } end context 'bad wsgi_script_alias' do let :params do { 'docroot' => '/rspec/docroot', 'wsgi_script_alias' => 'bogus', } end it { is_expected.to raise_error(Puppet::Error) } end context 'bad wsgi_daemon_process_options' do let :params do { 'docroot' => '/rspec/docroot', 'wsgi_daemon_process_options' => 'bogus', } end it { is_expected.to raise_error(Puppet::Error) } end context 'bad wsgi_import_script_alias' do let :params do { 'docroot' => '/rspec/docroot', 'wsgi_import_script_alias' => 'bogus', } end it { is_expected.to raise_error(Puppet::Error) } end context 'bad itk' do let :params do { 'docroot' => '/rspec/docroot', 'itk' => 'bogus', } end it { is_expected.to raise_error(Puppet::Error) } end context 'bad logroot_ensure' do let :params do { 'docroot' => '/rspec/docroot', 'log_level' => 'bogus', } end it { is_expected.to raise_error(Puppet::Error) } end context 'bad log_level' do let :params do { 'docroot' => '/rspec/docroot', 'log_level' => 'bogus', } end it { is_expected.to raise_error(Puppet::Error) } end context 'bad error_log_format flag' do let :params do { 'docroot' => '/rspec/docroot', 'error_log_format' => [ { 'some format' => 'bogus' }, ], } end it { is_expected.to raise_error(Puppet::Error) } end context 'access_log_file and access_log_pipe' do let :params do { 'docroot' => '/rspec/docroot', 'access_log_file' => 'bogus', 'access_log_pipe' => 'bogus', } end it { is_expected.to raise_error(Puppet::Error) } end context 'error_log_file and error_log_pipe' do let :params do { 'docroot' => '/rspec/docroot', 'error_log_file' => 'bogus', 'error_log_pipe' => 'bogus', } end it { is_expected.to raise_error(Puppet::Error) } end context 'bad fallbackresource' do let :params do { 'docroot' => '/rspec/docroot', 'fallbackresource' => 'bogus', } end it { is_expected.to raise_error(Puppet::Error) } end context 'bad custom_fragment' do let :params do { 'docroot' => '/rspec/docroot', 'custom_fragment' => true, } end it { is_expected.to raise_error(Puppet::Error) } end context 'bad access_logs' do let :params do { 'docroot' => '/rspec/docroot', 'access_logs' => '/var/log/somewhere', } end it { is_expected.to raise_error(Puppet::Error) } end context 'default of require all granted' do let :params do { 'docroot' => '/var/www/foo', 'directories' => [ { 'path' => '/var/www/foo/files', 'provider' => 'files', }, ], } end it { is_expected.to compile } it { is_expected.to contain_concat('25-rspec.example.com.conf') } it { is_expected.to contain_concat__fragment('rspec.example.com-directories') } # this works only with apache 2.4 and newer if (facts[:os]['family'] == 'RedHat' && facts[:os]['release']['major'].to_i > 6) || (facts[:os]['name'] == 'SLES' && facts[:os]['release']['major'].to_i > 11) it { is_expected.to contain_concat__fragment('rspec.example.com-directories').with( content: %r{^\s+Require all granted$}, ) } end end context 'require unmanaged' do let :params do { 'docroot' => '/var/www/foo', 'directories' => [ { 'path' => '/var/www/foo', 'require' => 'unmanaged', }, ], } end it { is_expected.to compile } it { is_expected.to contain_concat('25-rspec.example.com.conf') } it { is_expected.to contain_concat__fragment('rspec.example.com-directories') } it { is_expected.not_to contain_concat__fragment('rspec.example.com-directories').with( content: %r{^\s+Require all granted$}, ) } end describe 'redirectmatch_*' do let :dparams do { docroot: '/rspec/docroot', port: '84', } end context 'status' do let(:params) { dparams.merge(redirectmatch_status: '404') } it { is_expected.to contain_class('apache::mod::alias') } end context 'dest' do let(:params) { dparams.merge(redirectmatch_dest: 'http://other.example.com$1.jpg') } it { is_expected.to contain_class('apache::mod::alias') } end context 'regexp' do let(:params) { dparams.merge(redirectmatch_regexp: "(.*)\.gif$") } it { is_expected.to contain_class('apache::mod::alias') } end context 'none' do let(:params) { dparams } it { is_expected.not_to contain_class('apache::mod::alias') } end end end context 'oidc_settings RedirectURL' do describe 'with VALID relative URI' do let :params do default_params.merge( 'auth_oidc' => true, 'oidc_settings' => { 'ProviderMetadataURL' => 'https://login.example.com/.well-known/openid-configuration', 'ClientID' => 'test', 'RedirectURI' => '/some/valid/relative/uri', 'ProviderTokenEndpointAuth' => 'client_secret_basic', 'RemoteUserClaim' => 'sub', 'ClientSecret' => 'aae053a9-4abf-4824-8956-e94b2af335c8', 'CryptoPassphrase' => '4ad1bb46-9979-450e-ae58-c696967df3cd' }, ) end it { is_expected.to compile } it { is_expected.to contain_concat__fragment('rspec.example.com-auth_oidc').with( content: %r{^\s+OIDCRedirectURI\s/some/valid/relative/uri$}, ) } end describe 'with INVALID relative URI' do let :params do default_params.merge( 'auth_oidc' => true, 'oidc_settings' => { 'ProviderMetadataURL' => 'https://login.example.com/.well-known/openid-configuration', 'ClientID' => 'test', 'RedirectURI' => 'invalid_uri', 'ProviderTokenEndpointAuth' => 'client_secret_basic', 'RemoteUserClaim' => 'sub', 'ClientSecret' => 'aae053a9-4abf-4824-8956-e94b2af335c8', 'CryptoPassphrase' => '4ad1bb46-9979-450e-ae58-c696967df3cd' }, ) end it { is_expected.not_to compile } end end context 'mdomain' do let :params do default_params.merge( 'mdomain' => true, ) end it { is_expected.to contain_concat__fragment('rspec.example.com-apache-header').with( content: %r{^MDomain rspec.example.com$}, ) } end end end end end diff --git a/spec/functions/bool2httpd_spec.rb b/spec/functions/bool2httpd_spec.rb index fabcf274..e3f40af4 100644 --- a/spec/functions/bool2httpd_spec.rb +++ b/spec/functions/bool2httpd_spec.rb @@ -1,31 +1,33 @@ +# frozen_string_literal: true + require 'spec_helper' shared_examples 'apache::bool2httpd function' do it { is_expected.not_to eq(nil) } it { is_expected.to run.with_params.and_raise_error(ArgumentError) } it { is_expected.to run.with_params('1', '2').and_raise_error(ArgumentError) } it { is_expected.to run.with_params(true).and_return('On') } it { is_expected.to run.with_params('true').and_return('On') } it 'expected to return a string "On"' do expect(subject.execute(true)).to be_an_instance_of(String) end it { is_expected.to run.with_params(false).and_return('Off') } it { is_expected.to run.with_params('false').and_return('Off') } it 'expected to return a string "Off"' do expect(subject.execute(false)).to be_an_instance_of(String) end it { is_expected.to run.with_params('mail').and_return('mail') } it { is_expected.to run.with_params(nil).and_return('Off') } it { is_expected.to run.with_params(:undef).and_return('Off') } it { is_expected.to run.with_params('foo').and_return('foo') } end describe 'apache::bool2httpd' do it_behaves_like 'apache::bool2httpd function' describe 'deprecated non-namespaced shim' do describe 'bool2httpd', type: :puppet_function do it_behaves_like 'apache::bool2httpd function' end end end diff --git a/spec/functions/pw_hash_spec.rb b/spec/functions/pw_hash_spec.rb index 9f34f7d4..5faf7d43 100644 --- a/spec/functions/pw_hash_spec.rb +++ b/spec/functions/pw_hash_spec.rb @@ -1,25 +1,27 @@ +# frozen_string_literal: true + require 'spec_helper' shared_examples 'apache::pw_hash function' do it { is_expected.not_to eq(nil) } it { is_expected.to run.with_params.and_raise_error(ArgumentError) } it { is_expected.to run.with_params('').and_raise_error(ArgumentError) } it { is_expected.to run.with_params(1).and_raise_error(ArgumentError) } it { is_expected.to run.with_params(true).and_raise_error(ArgumentError) } it { is_expected.to run.with_params({}).and_raise_error(ArgumentError) } it { is_expected.to run.with_params([]).and_raise_error(ArgumentError) } it { is_expected.to run.with_params('test').and_return('{SHA}qUqP5cyxm6YcTAhz05Hph5gvu9M=') } end describe 'apache::pw_hash' do it_behaves_like 'apache::pw_hash function' describe 'deprecated shims' do describe 'apache_pw_hash', type: :puppet_function do it_behaves_like 'apache::pw_hash function' end describe 'apache::apache_pw_hash', type: :puppet_function do it_behaves_like 'apache::pw_hash function' end end end diff --git a/spec/spec_helper_acceptance_local.rb b/spec/spec_helper_acceptance_local.rb index 2922671e..c80aa202 100644 --- a/spec/spec_helper_acceptance_local.rb +++ b/spec/spec_helper_acceptance_local.rb @@ -1,194 +1,194 @@ # frozen_string_literal: true require 'singleton' require_relative '../util/apache_mod_platform_support' class LitmusHelper include Singleton include PuppetLitmus end class ApacheModTestFilterHelper include Singleton def initialize_ampc(os) @ampc = ApacheModPlatformCompatibility.new @ampc.generate_supported_platforms_versions @ampc.register_running_platform(os) @ampc.generate_mod_platform_exclusions end def mod_supported_on_platform?(mod) @ampc.mod_supported_on_platform?(mod) end def print_parsing_errors @ampc.print_parsing_errors end end RSpec.configure do |c| # IPv6 is not enabled by default in the new travis-ci Trusty environment (see https://github.com/travis-ci/travis-ci/issues/8891 ) if ENV['CI'] == 'true' c.filter_run_excluding ipv6: true end c.before :suite do # Make sure selinux is disabled so the tests work. - LitmusHelper.instance.run_shell('setenforce 0', expect_failures: true) if os[:family] =~ %r{redhat|oracle} + LitmusHelper.instance.run_shell('setenforce 0', expect_failures: true) if %r{redhat|oracle}.match?(os[:family]) LitmusHelper.instance.run_shell('puppet module install stahnma/epel') pp = <<-PUPPETCODE # needed by tests package { 'curl': ensure => 'latest', } # needed for netstat, for serverspec checks if $::osfamily == 'SLES' or $::osfamily == 'SUSE' { package { 'net-tools-deprecated': ensure => 'latest', } } # needed for ss, for serverspec checks if $::operatingsystem == 'Ubuntu' and $::operatingsystemmajrelease !~ /14.04|16.04/ { package { 'iproute2': ensure => 'latest', } } if $::osfamily == 'RedHat' { if $::operatingsystemmajrelease == '5' or $::operatingsystemmajrelease == '6'{ class { 'epel': epel_baseurl => "http://osmirror.delivery.puppetlabs.net/epel${::operatingsystemmajrelease}-\\$basearch/RPMS.all", epel_mirrorlist => "http://osmirror.delivery.puppetlabs.net/epel${::operatingsystemmajrelease}-\\$basearch/RPMS.all", } } elsif $::operatingsystemmajrelease == '8' { class { 'epel': os_maj_release => "7", epel_baseurl => "http://osmirror.delivery.puppetlabs.net/epel7-\\$basearch/RPMS.all", epel_mirrorlist => "http://osmirror.delivery.puppetlabs.net/epel7-\\$basearch/RPMS.all", } } else { class { 'epel': } } } PUPPETCODE LitmusHelper.instance.apply_manifest(pp) end c.after :suite do ApacheModTestFilterHelper.instance.print_parsing_errors end end def apache_settings_hash osfamily = os[:family] operatingsystemrelease = os[:release].to_f apache = {} case osfamily when 'redhat', 'oracle' apache['confd_dir'] = '/etc/httpd/conf.d' apache['conf_file'] = '/etc/httpd/conf/httpd.conf' apache['ports_file'] = '/etc/httpd/conf/ports.conf' apache['vhost_dir'] = '/etc/httpd/conf.d' apache['vhost'] = '/etc/httpd/conf.d/15-default.conf' apache['run_dir'] = '/var/run/httpd' apache['doc_root'] = '/var/www' apache['service_name'] = 'httpd' apache['package_name'] = 'httpd' apache['error_log'] = 'error_log' apache['suphp_handler'] = 'php5-script' apache['suphp_configpath'] = 'undef' if operatingsystemrelease >= 8 && osfamily == 'redhat' apache['version'] = '2.4' apache['mod_dir'] = '/etc/httpd/conf.modules.d' apache['mod_ssl_dir'] = apache['mod_dir'] elsif operatingsystemrelease >= 7 && osfamily == 'redhat' apache['version'] = '2.4' apache['mod_dir'] = '/etc/httpd/conf.modules.d' apache['mod_ssl_dir'] = apache['confd_dir'] elsif operatingsystemrelease >= 7 && osfamily == 'oracle' apache['version'] = '2.4' apache['mod_dir'] = '/etc/httpd/conf.modules.d' apache['mod_ssl_dir'] = apache['confd_dir'] else apache['version'] = '2.2' apache['mod_dir'] = '/etc/httpd/conf.d' apache['mod_ssl_dir'] = apache['mod_dir'] end when 'debian', 'ubuntu' apache['confd_dir'] = '/etc/apache2/conf.d' apache['mod_dir'] = '/etc/apache2/mods-available' apache['conf_file'] = '/etc/apache2/apache2.conf' apache['ports_file'] = '/etc/apache2/ports.conf' apache['vhost'] = '/etc/apache2/sites-available/15-default.conf' apache['vhost_dir'] = '/etc/apache2/sites-enabled' apache['run_dir'] = '/var/run/apache2' apache['doc_root'] = '/var/www' apache['service_name'] = 'apache2' apache['package_name'] = 'apache2' apache['error_log'] = 'error.log' apache['suphp_handler'] = 'x-httpd-php' apache['suphp_configpath'] = '/etc/php5/apache2' apache['version'] = if osfamily == 'ubuntu' && operatingsystemrelease >= 13.10 '2.4' elsif osfamily == 'debian' && operatingsystemrelease >= 8.0 '2.4' else '2.2' end apache['mod_ssl_dir'] = apache['mod_dir'] when 'freebsd' apache['confd_dir'] = '/usr/local/etc/apache24/Includes' apache['mod_dir'] = '/usr/local/etc/apache24/Modules' apache['conf_file'] = '/usr/local/etc/apache24/httpd.conf' apache['ports_file'] = '/usr/local/etc/apache24/Includes/ports.conf' apache['vhost'] = '/usr/local/etc/apache24/Vhosts/15-default.conf' apache['vhost_dir'] = '/usr/local/etc/apache24/Vhosts' apache['run_dir'] = '/var/run/apache24' apache['doc_root'] = '/var/www' apache['service_name'] = 'apache24' apache['package_name'] = 'apache24' apache['error_log'] = 'http-error.log' apache['version'] = '2.2' apache['mod_ssl_dir'] = apache['mod_dir'] when 'gentoo' apache['confd_dir'] = '/etc/apache2/conf.d' apache['mod_dir'] = '/etc/apache2/modules.d' apache['conf_file'] = '/etc/apache2/httpd.conf' apache['ports_file'] = '/etc/apache2/ports.conf' apache['vhost'] = '/etc/apache2/vhosts.d/15-default.conf' apache['vhost_dir'] = '/etc/apache2/vhosts.d' apache['run_dir'] = '/var/run/apache2' apache['doc_root'] = '/var/www' apache['service_name'] = 'apache2' apache['package_name'] = 'www-servers/apache' apache['error_log'] = 'http-error.log' apache['version'] = '2.4' apache['mod_ssl_dir'] = apache['mod_dir'] when 'suse', 'sles' apache['confd_dir'] = '/etc/apache2/conf.d' apache['mod_dir'] = '/etc/apache2/mods-available' apache['conf_file'] = '/etc/apache2/httpd.conf' apache['ports_file'] = '/etc/apache2/ports.conf' apache['vhost'] = '/etc/apache2/sites-available/15-default.conf' apache['vhost_dir'] = '/etc/apache2/sites-available' apache['run_dir'] = '/var/run/apache2' apache['doc_root'] = '/srv/www' apache['service_name'] = 'apache2' apache['package_name'] = 'apache2' apache['error_log'] = 'error.log' apache['version'] = if operatingsystemrelease < 12 '2.2' else '2.4' end apache['mod_ssl_dir'] = apache['mod_dir'] else raise 'unable to figure out what apache version' end apache end def mod_supported_on_platform?(mod) return false if ENV['DISABLE_MOD_TEST_EXCLUSION'] ApacheModTestFilterHelper.instance.mod_supported_on_platform?(mod) end diff --git a/spec/spec_helper_local.rb b/spec/spec_helper_local.rb index d348d87e..0c6b56b9 100644 --- a/spec/spec_helper_local.rb +++ b/spec/spec_helper_local.rb @@ -1,36 +1,38 @@ +# frozen_string_literal: true + if ENV['COVERAGE'] == 'yes' require 'simplecov' require 'simplecov-console' require 'codecov' SimpleCov.formatters = [ SimpleCov::Formatter::HTMLFormatter, SimpleCov::Formatter::Console, SimpleCov::Formatter::Codecov, ] SimpleCov.start do track_files 'lib/**/*.rb' add_filter '/spec' # do not track vendored files add_filter '/vendor' add_filter '/.vendor' # do not track gitignored files # this adds about 4 seconds to the coverage check # this could definitely be optimized add_filter do |f| # system returns true if exit status is 0, which with git-check-ignore means file is ignored system("git check-ignore --quiet #{f.filename}") end end end shared_examples :compile, compile: true do it { is_expected.to compile.with_all_deps } end shared_context 'a mod class, without including apache' do let(:facts) { on_supported_os['debian-8-x86_64'] } end diff --git a/spec/type_aliases/loglevel_spec.rb b/spec/type_aliases/loglevel_spec.rb index ecd09f9a..265ecc8e 100644 --- a/spec/type_aliases/loglevel_spec.rb +++ b/spec/type_aliases/loglevel_spec.rb @@ -1,23 +1,25 @@ +# frozen_string_literal: true + require 'spec_helper' describe 'Apache::LogLevel' do [ 'info', 'warn ssl:info', 'warn mod_ssl.c:info', 'warn mod_ssl.c:info', 'warn ssl_module:info', 'trace4', ].each do |allowed_value| it { is_expected.to allow_value(allowed_value) } end [ 'garbage', '', [], ['info'], ].each do |invalid_value| it { is_expected.not_to allow_value(invalid_value) } end end diff --git a/spec/unit/apache_version_spec.rb b/spec/unit/facter/util/fact_apache_version_spec.rb similarity index 97% rename from spec/unit/apache_version_spec.rb rename to spec/unit/facter/util/fact_apache_version_spec.rb index 02461bf2..da4d3f5e 100644 --- a/spec/unit/apache_version_spec.rb +++ b/spec/unit/facter/util/fact_apache_version_spec.rb @@ -1,38 +1,40 @@ +# frozen_string_literal: true + require 'spec_helper' describe Facter::Util::Fact do before(:each) do Facter.clear end describe 'apache_version' do context 'with value' do before :each do allow(Facter.fact(:kernel)).to receive(:value).and_return('Linux') expect(Facter::Util::Resolution).to receive(:which).with('httpd') { true } expect(Facter::Util::Resolution).to receive(:exec).with('httpd -V 2>&1') { 'Server version: Apache/2.4.16 (Unix) Server built: Jul 31 2015 15:53:26' } end it do expect(Facter.fact(:apache_version).value).to eq('2.4.16') end end end describe 'apache_version with empty OS' do context 'with value' do before :each do allow(Facter.fact(:kernel)).to receive(:value).and_return('Linux') expect(Facter::Util::Resolution).to receive(:which).with('httpd') { true } expect(Facter::Util::Resolution).to receive(:exec).with('httpd -V 2>&1') { 'Server version: Apache/2.4.6 () Server built: Nov 21 2015 05:34:59' } end it do expect(Facter.fact(:apache_version).value).to eq('2.4.6') end end end end diff --git a/spec/unit/provider/a2mod/gentoo_spec.rb b/spec/unit/provider/a2mod/gentoo_spec.rb index 0255897b..2fb48f34 100644 --- a/spec/unit/provider/a2mod/gentoo_spec.rb +++ b/spec/unit/provider/a2mod/gentoo_spec.rb @@ -1,176 +1,179 @@ +# frozen_string_literal: true + require 'spec_helper' provider_class = Puppet::Type.type(:a2mod).provider(:gentoo) describe provider_class do before :each do provider_class.clear end [:conf_file, :instances, :modules, :initvars, :conf_file, :clear].each do |method| - it "should respond to the class method #{method}" do + it "responds to the class method #{method}" do expect(provider_class).to respond_to(method) end end describe 'when fetching modules' do let(:filetype) do double end it 'returns a sorted array of the defined parameters' do expect(filetype).to receive(:read).and_return(%(APACHE2_OPTS="-D FOO -D BAR -D BAZ"\n)) expect(provider_class).to receive(:filetype) { filetype } expect(provider_class.modules).to eq(['bar', 'baz', 'foo']) end it 'caches the module list' do expect(filetype).to receive(:read).once { %(APACHE2_OPTS="-D FOO -D BAR -D BAZ"\n) } # rubocop:disable Lint/AmbiguousBlockAssociation expect(provider_class).to receive(:filetype).once { filetype } # rubocop:disable Lint/AmbiguousBlockAssociation 2.times { expect(provider_class.modules).to eq(['bar', 'baz', 'foo']) } end it 'normalizes parameters' do expect(filetype).to receive(:read).and_return(%(APACHE2_OPTS="-D FOO -D BAR -D BAR"\n)) expect(provider_class).to receive(:filetype) { filetype } expect(provider_class.modules).to eq(['bar', 'foo']) end end describe 'when prefetching' do it 'matches providers to resources' do provider = instance_double('ssl_provider', name: 'ssl') resource = instance_double('ssl_resource') expect(resource).to receive(:provider=).with(provider) expect(provider_class).to receive(:instances) { [provider] } provider_class.prefetch('ssl' => resource) end end describe 'when flushing' do + let(:filetype) { double } + let(:info) { double } + let(:mpm) { double } + let(:ssl) { double } + before :each do - @filetype = double - allow(@filetype).to receive(:backup) - allow(provider_class).to receive(:filetype).at_least(:once) { @filetype } + allow(filetype).to receive(:backup) + allow(provider_class).to receive(:filetype).at_least(:once) { filetype } - @info = double - allow(@info).to receive(:[]).with(:name) { 'info' } - allow(@info).to receive(:provider=) + allow(info).to receive(:[]).with(:name) { 'info' } + allow(info).to receive(:provider=) - @mpm = double - allow(@mpm).to receive(:[]).with(:name) { 'mpm' } - allow(@mpm).to receive(:provider=) + allow(mpm).to receive(:[]).with(:name) { 'mpm' } + allow(mpm).to receive(:provider=) - @ssl = double - allow(@ssl).to receive(:[]).with(:name) { 'ssl' } - allow(@ssl).to receive(:provider=) + allow(ssl).to receive(:[]).with(:name) { 'ssl' } + allow(ssl).to receive(:provider=) end it 'adds modules whose ensure is present' do - expect(@filetype).to receive(:read).at_least(:once) { %(APACHE2_OPTS="") } - expect(@filetype).to receive(:write).with(%(APACHE2_OPTS="-D INFO")) + expect(filetype).to receive(:read).at_least(:once) { %(APACHE2_OPTS="") } + expect(filetype).to receive(:write).with(%(APACHE2_OPTS="-D INFO")) - allow(@info).to receive(:should).with(:ensure) { :present } - provider_class.prefetch('info' => @info) + allow(info).to receive(:should).with(:ensure) { :present } + provider_class.prefetch('info' => info) provider_class.flush end it 'removes modules whose ensure is present' do - expect(@filetype).to receive(:read).at_least(:once) { %(APACHE2_OPTS="-D INFO") } - expect(@filetype).to receive(:write).with(%(APACHE2_OPTS="")) + expect(filetype).to receive(:read).at_least(:once) { %(APACHE2_OPTS="-D INFO") } + expect(filetype).to receive(:write).with(%(APACHE2_OPTS="")) - allow(@info).to receive(:should).with(:ensure) { :absent } - allow(@info).to receive(:provider=) - provider_class.prefetch('info' => @info) + allow(info).to receive(:should).with(:ensure) { :absent } + allow(info).to receive(:provider=) + provider_class.prefetch('info' => info) provider_class.flush end it 'does not modify providers without resources' do - expect(@filetype).to receive(:read).at_least(:once) { %(APACHE2_OPTS="-D INFO -D MPM") } - expect(@filetype).to receive(:write).with(%(APACHE2_OPTS="-D MPM -D SSL")) + expect(filetype).to receive(:read).at_least(:once) { %(APACHE2_OPTS="-D INFO -D MPM") } + expect(filetype).to receive(:write).with(%(APACHE2_OPTS="-D MPM -D SSL")) - allow(@info).to receive(:should).with(:ensure) { :absent } - provider_class.prefetch('info' => @info) + allow(info).to receive(:should).with(:ensure) { :absent } + provider_class.prefetch('info' => info) - allow(@ssl).to receive(:should).with(:ensure) { :present } - provider_class.prefetch('ssl' => @ssl) + allow(ssl).to receive(:should).with(:ensure) { :present } + provider_class.prefetch('ssl' => ssl) provider_class.flush end it 'writes the modules in sorted order' do - expect(@filetype).to receive(:read).at_least(:once) { %(APACHE2_OPTS="") } - expect(@filetype).to receive(:write).with(%(APACHE2_OPTS="-D INFO -D MPM -D SSL")) + expect(filetype).to receive(:read).at_least(:once) { %(APACHE2_OPTS="") } + expect(filetype).to receive(:write).with(%(APACHE2_OPTS="-D INFO -D MPM -D SSL")) - allow(@mpm).to receive(:should).with(:ensure) { :present } - provider_class.prefetch('mpm' => @mpm) - allow(@info).to receive(:should).with(:ensure) { :present } - provider_class.prefetch('info' => @info) - allow(@ssl).to receive(:should).with(:ensure) { :present } - provider_class.prefetch('ssl' => @ssl) + allow(mpm).to receive(:should).with(:ensure) { :present } + provider_class.prefetch('mpm' => mpm) + allow(info).to receive(:should).with(:ensure) { :present } + provider_class.prefetch('info' => info) + allow(ssl).to receive(:should).with(:ensure) { :present } + provider_class.prefetch('ssl' => ssl) provider_class.flush end it 'writes the records back once' do - expect(@filetype).to receive(:read).at_least(:once) { %(APACHE2_OPTS="") } - expect(@filetype).to receive(:write).once.with(%(APACHE2_OPTS="-D INFO -D SSL")) + expect(filetype).to receive(:read).at_least(:once) { %(APACHE2_OPTS="") } + expect(filetype).to receive(:write).once.with(%(APACHE2_OPTS="-D INFO -D SSL")) - allow(@info).to receive(:should).with(:ensure) { :present } - provider_class.prefetch('info' => @info) + allow(info).to receive(:should).with(:ensure) { :present } + provider_class.prefetch('info' => info) - allow(@ssl).to receive(:should).with(:ensure) { :present } - provider_class.prefetch('ssl' => @ssl) + allow(ssl).to receive(:should).with(:ensure) { :present } + provider_class.prefetch('ssl' => ssl) provider_class.flush end it 'onlies modify the line containing APACHE2_OPTS' do - expect(@filetype).to receive(:read).at_least(:once) { %(# Comment\nAPACHE2_OPTS=""\n# Another comment) } - expect(@filetype).to receive(:write).once.with(%(# Comment\nAPACHE2_OPTS="-D INFO"\n# Another comment)) + expect(filetype).to receive(:read).at_least(:once) { %(# Comment\nAPACHE2_OPTS=""\n# Another comment) } + expect(filetype).to receive(:write).once.with(%(# Comment\nAPACHE2_OPTS="-D INFO"\n# Another comment)) - allow(@info).to receive(:should).with(:ensure) { :present } - provider_class.prefetch('info' => @info) + allow(info).to receive(:should).with(:ensure) { :present } + provider_class.prefetch('info' => info) provider_class.flush end it 'restores any arbitrary arguments' do - expect(@filetype).to receive(:read).at_least(:once) { %(APACHE2_OPTS="-Y -D MPM -X") } - expect(@filetype).to receive(:write).once.with(%(APACHE2_OPTS="-Y -X -D INFO -D MPM")) + expect(filetype).to receive(:read).at_least(:once) { %(APACHE2_OPTS="-Y -D MPM -X") } + expect(filetype).to receive(:write).once.with(%(APACHE2_OPTS="-Y -X -D INFO -D MPM")) - allow(@info).to receive(:should).with(:ensure) { :present } - provider_class.prefetch('info' => @info) + allow(info).to receive(:should).with(:ensure) { :present } + provider_class.prefetch('info' => info) provider_class.flush end it 'backups the file once if changes were made' do - expect(@filetype).to receive(:read).at_least(:once) { %(APACHE2_OPTS="") } - expect(@filetype).to receive(:write).once.with(%(APACHE2_OPTS="-D INFO -D SSL")) + expect(filetype).to receive(:read).at_least(:once) { %(APACHE2_OPTS="") } + expect(filetype).to receive(:write).once.with(%(APACHE2_OPTS="-D INFO -D SSL")) - allow(@info).to receive(:should).with(:ensure) { :present } - provider_class.prefetch('info' => @info) + allow(info).to receive(:should).with(:ensure) { :present } + provider_class.prefetch('info' => info) - allow(@ssl).to receive(:should).with(:ensure) { :present } - provider_class.prefetch('ssl' => @ssl) + allow(ssl).to receive(:should).with(:ensure) { :present } + provider_class.prefetch('ssl' => ssl) - expect(@filetype).to receive(:backup) + expect(filetype).to receive(:backup) provider_class.flush end it 'does not write the file or run backups if no changes were made' do - expect(@filetype).to receive(:read).at_least(:once) { %(APACHE2_OPTS="-X -D INFO -D SSL -Y") } - expect(@filetype).to receive(:write).never + expect(filetype).to receive(:read).at_least(:once) { %(APACHE2_OPTS="-X -D INFO -D SSL -Y") } + expect(filetype).to receive(:write).never - allow(@info).to receive(:should).with(:ensure) { :present } - provider_class.prefetch('info' => @info) + allow(info).to receive(:should).with(:ensure) { :present } + provider_class.prefetch('info' => info) - allow(@ssl).to receive(:should).with(:ensure) { :present } - provider_class.prefetch('ssl' => @ssl) + allow(ssl).to receive(:should).with(:ensure) { :present } + provider_class.prefetch('ssl' => ssl) - expect(@filetype).to receive(:backup).never + expect(filetype).to receive(:backup).never provider_class.flush end end end diff --git a/spec/util/_resources/test_metadata_json.rb b/spec/util/_resources/test_metadata_json.rb index b8f64ae5..bd333b73 100644 --- a/spec/util/_resources/test_metadata_json.rb +++ b/spec/util/_resources/test_metadata_json.rb @@ -1,86 +1,88 @@ +# frozen_string_literal: true + METADATA_JSON = '{ "name": "puppetlabs-apache", "version": "5.4.0", "author": "puppetlabs", "summary": "Installs, configures, and manages Apache virtual hosts, web services, and modules.", "license": "Apache-2.0", "source": "https://github.com/puppetlabs/puppetlabs-apache", "project_page": "https://github.com/puppetlabs/puppetlabs-apache", "issues_url": "https://tickets.puppetlabs.com/browse/MODULES", "dependencies": [ { "name": "puppetlabs/stdlib", "version_requirement": ">= 4.13.1 < 7.0.0" }, { "name": "puppetlabs/concat", "version_requirement": ">= 2.2.1 < 7.0.0" } ], "operatingsystem_support": [ { "operatingsystem": "RedHat", "operatingsystemrelease": [ "6", "7", "8" ] }, { "operatingsystem": "CentOS", "operatingsystemrelease": [ "6", "7", "8" ] }, { "operatingsystem": "OracleLinux", "operatingsystemrelease": [ "6", "7" ] }, { "operatingsystem": "Scientific", "operatingsystemrelease": [ "6", "7" ] }, { "operatingsystem": "Debian", "operatingsystemrelease": [ "8", "9", "10" ] }, { "operatingsystem": "SLES", "operatingsystemrelease": [ "11 SP1", "12", "15" ] }, { "operatingsystem": "Ubuntu", "operatingsystemrelease": [ "14.04", "16.04", "18.04" ] } ], "requirements": [ { "name": "puppet", "version_requirement": ">= 5.5.10 < 7.0.0" } ], "description": "Module for Apache configuration", "pdk-version": "1.17.0", "template-url": "https://github.com/puppetlabs/pdk-templates#main", "template-ref": "heads/main-0-g095317c" -}'.freeze +}' diff --git a/spec/util/apache_mod_platform_support_spec.rb b/spec/util/apache_mod_platform_compatibility_spec.rb similarity index 98% rename from spec/util/apache_mod_platform_support_spec.rb rename to spec/util/apache_mod_platform_compatibility_spec.rb index e01ae3d5..1025a866 100644 --- a/spec/util/apache_mod_platform_support_spec.rb +++ b/spec/util/apache_mod_platform_compatibility_spec.rb @@ -1,179 +1,181 @@ +# frozen_string_literal: true + require 'rspec' require 'rspec-puppet-facts' require_relative '../../util/apache_mod_platform_support' require_relative '_resources/test_metadata_json' describe ApacheModPlatformCompatibility do foobar_pp = 'foobar.pp' foobar_mod = 'apache::mod::foobar' foobar_class = "class #{foobar_mod}" foobar_linux = 'foobar_linux' expected_compatible_platform_versions = { 'redhat' => [6, 7, 8], 'centos' => [6, 7, 8], 'oraclelinux' => [6, 7], 'scientific' => [6, 7], 'debian' => [8, 9, 10], 'sles' => [11, 12, 15], 'ubuntu' => [14, 16, 18], } context 'when initialized' do describe '#process_line' do ampc = described_class.new it 'returns an empty hash when given garbage line' do expect(ampc.process_line('foobar')).to eq({}) end it 'returns a hash with type: :unsupported_platform_declaration and extracted value' do expect(ampc.process_line('# @note Unsupported platforms: foobar')).to eq(type: :unsupported_platform_declaration, value: 'foobar') end it 'returns a hash with type: :class_declaration and extracted value' do expect(ampc.process_line(foobar_class)).to eq(type: :class_declaration, value: foobar_mod) end end describe '#extract_os_ver_pairs' do ampc = described_class.new it 'handles single OS with single Version' do expect(ampc.extract_os_ver_pairs('Debian: 5')).to eq('debian' => [5]) end it 'handles single OS with multiple Versions' do expect(ampc.extract_os_ver_pairs('Debian: 5, 6, 7')).to eq('debian' => [5, 6, 7]) end it 'handles multiple OSs with multiple Versions' do expect(ampc.extract_os_ver_pairs('Debian: 5, 6, 7; CentOS: 5,6,7')).to eq('debian' => [5, 6, 7], 'centos' => [5, 6, 7]) end it 'handles Versions in \d+\.\d+ format' do expect(ampc.extract_os_ver_pairs('Ubuntu: 14.04, 16.04')).to eq('ubuntu' => [14, 16]) end it 'handles Versions with "SP"' do expect(ampc.extract_os_ver_pairs('SLES: 11 SP1, 12')).to eq('sles' => [11, 12]) end it 'returns an empty Hash when given data in an entirely invalid format' do expect(ampc.extract_os_ver_pairs('foobar')).to eq({}) end it 'returns an empty Hash when given data with incorrect OS/Version group separator' do expect(ampc.extract_os_ver_pairs('Ubuntu#14.04, 16.04')).to eq({}) end it 'returns an empty Hash when given data with incorrect OS + Version separator' do expect(ampc.extract_os_ver_pairs('CentOS:5,6#Debian:5,6')).to eq({}) end it 'returns an empty Hash when given data with incorrect Version separator' do expect(ampc.extract_os_ver_pairs('CentOS:5@6')).to eq({}) end end describe '#register_unsupported_platforms' do ampc = described_class.new it 'registers a valid unsupported platform' do ampc.register_running_platform(family: 'debian', release: '8.11', arch: 'x86_64') expect(ampc).to receive(:valid_os?).with('debian').and_return(true) ampc.register_unsupported_platforms(foobar_pp, 1, foobar_mod, 'debian' => [8]) expect(ampc.mod_supported_on_platform?(foobar_mod)).to be(false) end it 'registers multiple valid unsupported platforms' do expect(ampc).to receive(:valid_os?).with('debian').and_return(true) expect(ampc).to receive(:valid_os?).with('ubuntu').and_return(true) ampc.register_unsupported_platforms(foobar_pp, 1, foobar_mod, 'debian' => [8]) ampc.register_unsupported_platforms(foobar_pp, 1, foobar_mod, 'ubuntu' => [14]) ampc.register_running_platform(family: 'debian', release: '8.11', arch: 'x86_64') expect(ampc.mod_supported_on_platform?(foobar_mod)).to be(false) ampc.register_running_platform(family: 'ubuntu', release: '14.04', arch: 'x86_64') expect(ampc.mod_supported_on_platform?(foobar_mod)).to be(false) end it 'registers an :os_parse error when given an invalid platform' do expect(ampc).to receive(:valid_os?).with(foobar_linux).and_return(false) expect(ampc).to receive(:register_error).with(foobar_pp, 1, :os_parse, foobar_linux) ampc.register_unsupported_platforms(foobar_pp, 1, foobar_mod, foobar_linux => [1]) ampc.register_running_platform(family: 'debian', release: '8.11', arch: 'x86_64') end end describe '#generate_supported_platforms_versions' do ampc = described_class.new before(:each) do allow(File).to receive(:read).and_call_original allow(File).to receive(:read).with('../../metadata.json').and_return(METADATA_JSON) ampc.generate_supported_platforms_versions ampc.register_unsupported_platforms(foobar_pp, 1, foobar_mod, foobar_linux => [1]) end context 'after parsing the metadata.json' do expected_compatible_platform_versions.each do |os, vers| vers.each do |ver| - it "should state #{os} version #{ver} IS a compatible platform" do + it "states #{os} version #{ver} IS a compatible platform" do ampc.register_running_platform(family: os, version: ver) expect(ampc.mod_supported_on_platform?(foobar_mod)).to be(true) end end end end end describe '#mod_unsupported_on_platform' do ampc = described_class.new before(:each) do allow(File).to receive(:read).and_call_original allow(File).to receive(:read).with('../../metadata.json').and_return(METADATA_JSON) ampc = described_class.new ampc.generate_supported_platforms_versions end ubuntu_14_04_os = { family: 'ubuntu', release: '14.04' } it 'returns false when running on an OS with all versions incompatible' do ampc.register_running_platform(ubuntu_14_04_os) ampc.register_unsupported_platforms(foobar_pp, 1, foobar_mod, 'ubuntu' => [0]) expect(ampc.mod_supported_on_platform?(foobar_mod)).to be(false) end it 'returns false when running on an OS with one specific version incompatible' do ampc.register_running_platform(ubuntu_14_04_os) ampc.register_unsupported_platforms(foobar_pp, 1, foobar_mod, 'ubuntu' => [14]) expect(ampc.mod_supported_on_platform?(foobar_mod)).to be(false) end it 'returns true when running on an OS with no versions marked as incompatible' do ampc.register_running_platform(ubuntu_14_04_os) ampc.register_unsupported_platforms(foobar_pp, 1, foobar_mod, 'debian' => [6, 7]) expect(ampc.mod_supported_on_platform?(foobar_mod)).to be(true) end it 'returns true when running on an OS version not marked as incompatible' do ampc.register_running_platform(ubuntu_14_04_os) ampc.register_unsupported_platforms(foobar_pp, 1, foobar_mod, 'ubuntu' => [16, 18]) expect(ampc.mod_supported_on_platform?(foobar_mod)).to be(true) end end describe '#print_parsing_errors' do ampc = described_class.new abc_pp = 'abc.pp' abc_pp_error_line = 1 abc_pp_error_type = :tag_parse abc_pp_error_type_msg = 'OS and version information in incorrect format:' abc_pp_error_detail = 'Bad line' def_pp = 'def.pp' def_pp_error_line = 2 def_pp_error_type = :os_parse def_pp_error_type_msg = 'OS name is not present in metadata.json:' def_pp_error_detail = foobar_linux tag_format_help_msg_txt = ['succint', 'warning'] expected_stderr_msg = "The following errors were encountered when trying to parse the 'Unsupported platforms' tag(s) in 'manifests/mod':\n" \ " * #{abc_pp} (line #{abc_pp_error_line}): #{abc_pp_error_type_msg} #{abc_pp_error_detail}\n" \ " * #{def_pp} (line #{def_pp_error_line}): #{def_pp_error_type_msg} #{def_pp_error_detail}\n" \ "#{tag_format_help_msg_txt[0]}\n" \ "#{tag_format_help_msg_txt[1]}\n" context 'given a number of errors were discovered when parsing the manifests' do ampc.register_error(abc_pp, abc_pp_error_line, abc_pp_error_type, abc_pp_error_detail) ampc.register_error(def_pp, def_pp_error_line, def_pp_error_type, def_pp_error_detail) it 'prints the expected warnings to $stderr' do allow(File).to receive(:readlines).with('util/_resources/tag_format_help_msg.txt').and_return(tag_format_help_msg_txt) expect { ampc.print_parsing_errors }.to output(expected_stderr_msg).to_stderr end end end end end diff --git a/tasks/init.rb b/tasks/init.rb index 1df27bda..bb82d9aa 100755 --- a/tasks/init.rb +++ b/tasks/init.rb @@ -1,34 +1,36 @@ #!/opt/puppetlabs/puppet/bin/ruby +# frozen_string_literal: true + require 'json' require 'open3' require 'puppet' def service(action, service_name) if service_name.nil? stdout, _stderr, _status = Open3.capture3('facter', '-p', 'osfamily') osfamily = stdout.strip service_name = if osfamily == 'RedHat' 'httpd' elsif osfamily == 'FreeBSD' 'apache24' else 'apache2' end end _stdout, stderr, status = Open3.capture3('service', service_name, action) raise Puppet::Error, stderr if status != 0 { status: "#{action} successful" } end params = JSON.parse(STDIN.read) action = params['action'] service_name = params['service_name'] begin result = service(action, service_name) puts result.to_json exit 0 rescue Puppet::Error => e puts({ status: 'failure', error: e.message }.to_json) exit 1 end diff --git a/util/apache_mod_platform_support.rb b/util/apache_mod_platform_support.rb index 16e0b1ae..5c608cf5 100644 --- a/util/apache_mod_platform_support.rb +++ b/util/apache_mod_platform_support.rb @@ -1,147 +1,149 @@ +# frozen_string_literal: true + require 'json' # Helper class to facilitate exclusion of tests that use an Apache MOD on platforms it isn't supported on. # All Apache MOD classes are defined under 'manifests/mod'. The exclusion should be in the format: # # @note Unsupported platforms: OS: ver, ver; OS: ver, ver, ver; OS: all' # class apache::mod::foobar { # ... # # For example: # @note Unsupported platforms: RedHat: 5, 6; Ubuntu: 14.04; SLES: all; Scientific: 11 SP1' # class apache::mod::actions { # apache::mod { 'actions': } # } # # Filtering is then performed during the test using RSpec's filtering, like so: # # describe 'auth_oidc', unless: mod_unsupported_on_platform('apache::mod::auth_openidc') do # ... # it 'applies cleanly', unless: mod_unsupported_on_platform('apache::mod::auth_openidc') do # ... class ApacheModPlatformCompatibility ERROR_MSG = { tag_parse: 'OS and version information in incorrect format:', os_parse: 'OS name is not present in metadata.json:', }.freeze def initialize @os = {} @mapping = {} @manifest_errors = [] @compatible_platform_versions = {} @mod_platform_compatibility_mapping = {} end def register_running_platform(os) @os = { family: os[:family], release: os[:release].to_i } end def generate_supported_platforms_versions metadata = JSON.parse(File.read('metadata.json')) metadata['operatingsystem_support'].each do |os| @compatible_platform_versions[os['operatingsystem'].downcase] = os['operatingsystemrelease'].map(&:to_i) end end # Class to hold the details of an error whilst parsing an unsupported tag class ManifestError attr_reader :manifest, :line_num, :error_type, :error_detail def initialize(manifest, line_num, error_type, error_detail) @manifest = manifest @line_num = line_num @error_type = error_type @error_detail = error_detail end end def print_parsing_errors return if @manifest_errors.empty? $stderr.puts "The following errors were encountered when trying to parse the 'Unsupported platforms' tag(s) in 'manifests/mod':\n" @manifest_errors.each do |manifest_error| $stderr.puts " * #{manifest_error.manifest} (line #{manifest_error.line_num}): #{ERROR_MSG[manifest_error.error_type]} #{manifest_error.error_detail}" end File.readlines('util/_resources/tag_format_help_msg.txt').each do |line| $stderr.puts line end end def valid_os?(os) - @compatible_platform_versions.keys.include? os + @compatible_platform_versions.key?(os) end def register_error(manifest, line_num, error_type, error_detail) @manifest_errors << ManifestError.new(manifest, line_num, error_type, error_detail) end def register_unsupported_platforms(manifest, line_num, mod, platforms_versions) - platforms_versions.keys.each do |os| + platforms_versions.each_key do |os| unless valid_os?(os) register_error(manifest, line_num, :os_parse, os) next end if @mod_platform_compatibility_mapping.key? mod @mod_platform_compatibility_mapping[mod].merge!(platforms_versions) else @mod_platform_compatibility_mapping[mod] = platforms_versions end end end def extract_os_ver_pairs(line) platforms_versions = {} os_ver_groups = line.delete(' ').downcase # E.g. "debian:5,6;centos:5;sles:11sp1,12;scientific:all;ubuntu:14.04,16.04" - if %r{^((?:\w+:(?:(?:\d+(?:\.\d+|sp\d+)?|all),?)+;?)+)$}i =~ os_ver_groups + if %r{^((?:\w+:(?:(?:\d+(?:\.\d+|sp\d+)?|all),?)+;?)+)$}i.match?(os_ver_groups) os_ver_groups.split(';').each do |os_vers| os, vers = os_vers.split(':') vers.gsub!(%r{sp\d+}, '') # Remove SP ver as we cannot determine this level of granularity from values from Litmus platforms_versions[os] = vers.split(',').map(&:to_i) # 'all' will be converted to 0 end end platforms_versions end def process_line(line) data = {} - return data unless line =~ %r{@note\sUnsupported\splatforms?:\s?|class\sapache::mod}i + return data unless %r{@note\sUnsupported\splatforms?:\s?|class\sapache::mod}i.match?(line) if (match = %r{@note\sUnsupported\splatforms?:\s?(?.*)$}i.match(line)) data[:type] = :unsupported_platform_declaration data[:value] = match[:os_vers] elsif (match = %r{class\s(?apache::mod::\w+)}i.match(line)) data[:type] = :class_declaration data[:value] = match[:mod] end data end def generate_mod_platform_exclusions Dir.glob('manifests/mod/*.pp').each do |manifest| platforms_versions = [] line_num = 0 File.readlines(manifest).each do |line| line_num += 1 data = process_line(line) next if data.empty? if data[:type] == :unsupported_platform_declaration platforms_versions = extract_os_ver_pairs(data[:value]) register_error(manifest, line_num, :tag_parse, line) if platforms_versions.empty? next elsif data[:type] == :class_declaration register_unsupported_platforms(manifest, line_num, data[:value], platforms_versions) unless platforms_versions.empty? break # Once we detect the class declaration, we can move on end end end end # Called from within the context of a test run, making use of RSpec's filtering, e.g.: # it 'should do some test', if: mod_supported_on_platform('apache::mod::foobar') def mod_supported_on_platform?(mod) return true if @mod_platform_compatibility_mapping.empty? return true unless @mod_platform_compatibility_mapping.key? mod return true unless @mod_platform_compatibility_mapping[mod].key? @os[:family] return false if @mod_platform_compatibility_mapping[mod][@os[:family]] == [0] !@mod_platform_compatibility_mapping[mod][@os[:family]].include? @os[:release] end end