diff --git a/README.md b/README.md index a0942bb..e765cb1 100644 --- a/README.md +++ b/README.md @@ -1,287 +1,317 @@ #concat ####Table of Contents 1. [Overview](#overview) 2. [Module Description - What the module does and why it is useful](#module-description) 3. [Setup - The basics of getting started with concat](#setup) * [What concat affects](#what-concat-affects) * [Beginning with concat](#beginning-with-concat) 4. [Usage - Configuration options and additional functionality](#usage) 5. [Reference - An under-the-hood peek at what the module is doing and how](#reference) * [Public Defines](#public-defines) * [Parameters](#parameters) * [Deprecations](#deprecations) 6. [Limitations - OS compatibility, etc.](#limitations) 7. [Development - Guide for contributing to the module](#development) ##Overview The concat module lets you construct files from multiple ordered fragments of text. ##Module Description The concat module lets you gather `concat::fragment` resources from your other modules and order them through a single `concat` resource into a coherent file. It does this through a Ruby script and a temporary holding space for the fragments. ##Setup ###What concat affects * Installs `concatfragments.rb`. * Adds a `concat/` directory into Puppet's `vardir`. ###Beginning with concat To start using concat you need to create: * A concat{} resource for the final file. * One or more concat::fragment{}s. A minimal example might be: ~~~ concat { '/tmp/file': ensure => present, } concat::fragment { 'tmpfile': target => '/tmp/file', content => 'test contents', order => '01' } ~~~ ##Usage ###Maintain a list of the major modules on a node To maintain an motd file that lists the modules on one of your nodes, first create a class to frame up the file: ~~~ class motd { $motd = '/etc/motd' concat { $motd: owner => 'root', group => 'root', mode => '0644' } concat::fragment{ 'motd_header': target => $motd, content => "\nPuppet modules on this server:\n\n", order => '01' } # let local users add to the motd by creating a file called # /etc/motd.local concat::fragment{ 'motd_local': target => $motd, source => '/etc/motd.local', order => '15' } } # let other modules register themselves in the motd define motd::register($content="", $order='10') { if $content == "" { $body = $name } else { $body = $content } concat::fragment{ "motd_fragment_$name": target => '/etc/motd', order => $order, content => " -- $body\n" } } ~~~ Then, in the declarations for each module on the node, add `motd::register{ 'Apache': }` to register the module in the motd. ~~~ class apache { include apache::install, apache::config, apache::service motd::register{ 'Apache': } } ~~~ These two steps populate the /etc/motd file with a list of the installed and registered modules, which stays updated even if you just remove the registered modules' `include` lines. System administrators can append text to the list by writing to /etc/motd.local. When you're finished, the motd file will look something like this: ~~~ Puppet modules on this server: -- Apache -- MySQL ~~~ ##Reference **Note**: Several of this module's parameters and features have been deprecated. See the [Deprecations](#deprecations) section below. ###Public defines * `concat`: Manages a file, compiled from one or more text fragments. * `concat::fragment`: Manages a fragment of text to be compiled into a file. ###Parameters ####`concat` All the parameters listed below are optional. #####`backup` Specifies whether (and how) to back up the destination file before overwriting it. Your value gets passed on to Puppet's [native `file` resource](https://docs.puppetlabs.com/references/latest/type.html#file-attribute-backup) for execution. Valid options: 'true', 'false', or a string representing either a target filebucket or a filename extension beginning with ".". Default value: 'puppet'. #####`backup_fragments` Specifies whether to backup concat fragments using the backup setting of the target concat file. Valid options: 'true' and 'false'. Default value: 'false'. #####`ensure` Specifies whether the destination file should exist. Setting to 'absent' tells Puppet to delete the destination file if it exists, and negates the effect of any other parameters. Valid options: 'present' and 'absent'. Default value: 'present'. #####`ensure_newline` Specifies whether to ensure there's a new line at the end of each fragment. Valid options: 'true' and 'false'. Default value: 'false'. #####`force` In case no fragments have been added, this parameter specifies whether to go ahead and create a potentially empty file. Valid options: 'true' and 'false'. Default value: 'false'. #####`group` Specifies a permissions group for the destination file. Valid options: a string containing a group name. Default value: undefined. #####`mode` Specifies the permissions mode of the destination file. Valid options: a string containing a permission mode value in octal notation. Default value: '0644'. #####`order` Specifies a method for sorting your fragments by name within the destination file. Valid options: 'alpha' (e.g., '1, 10, 2') or 'numeric' (e.g., '1, 2, 10'). Default value: 'alpha'. You can override this setting for individual fragments by adjusting the `order` parameter in their `concat::fragment` declarations. #####`owner` Specifies the owner of the destination file. Valid options: a string containing a username. Default value: undefined. #####`path` Specifies a destination file for the combined fragments. Valid options: a string containing an absolute path. Default value: the title of your declared resource. #####`replace` Specifies whether to overwrite the destination file if it already exists. Valid options: 'true' and 'false'. Default value: 'true'. #####`validate_cmd` Specifies a validation command to apply to the destination file. Requires Puppet version 3.5 or newer. Valid options: a string to be passed to a file resource. Default value: undefined. #####`warn` Specifies whether to add a warning message at the top of the destination file so users know it was autogenerated by Puppet. Valid options: 'true', 'false', or a string to be delivered as a warning message. Default value: 'false'. If you set this parameter to 'true', Puppet adds the following message: ~~~ # This file is managed by Puppet. DO NOT EDIT. ~~~ +#####`selinux_ignore_defaults` + +See the `file` type's +[`selinux_ignore_defaults`](https://docs.puppetlabs.com/references/latest/type.html#file-attribute-selinux_ignore_defaults) +documentention. + +#####`selrange` + +See the `file` type's +[`selrange`](https://docs.puppetlabs.com/references/latest/type.html#file-attribute-selrange) +documentention. + +#####`selrole` + +See the `file` type's +[`selrole`](https://docs.puppetlabs.com/references/latest/type.html#file-attribute-selrole) +documentention. + +#####`seltype` + +See the `file` type's +[`seltype`](https://docs.puppetlabs.com/references/latest/type.html#file-attribute-seltype) +documentention. + +#####`seluser` + +See the `file` type's +[`seluser`](https://docs.puppetlabs.com/references/latest/type.html#file-attribute-seluser) +documentention. + ####`concat::fragment` Except where noted, all the below parameters are optional. #####`content` Supplies the content of the fragment. **Note**: You must supply either a `content` parameter or a `source` parameter. Valid options: a string. Default value: undef. #####`ensure` Specifies whether the fragment should be included in the destination file or discarded. Valid options: 'present' and 'absent'. Default value: 'present'. #####`order` Reorders your fragments within the destination file. Fragments that share the same order number are ordered by name. Valid options: a string (recommended) or an integer. Default value: '10'. #####`source` Specifies a file to read into the content of the fragment. **Note**: You must supply either a `content` parameter or a `source` parameter. Valid options: a string or an array, containing one or more Puppet URLs. Default value: undefined. #####`target` *Required.* Specifies the destination file of the fragment. Valid options: a string containing the title of the parent `concat` resource. ###Deprecations **`concat` has the following deprecations** #####`gnu` Generates a catalog compile time warning and has no effect. This parameter was silently ignored in version `1.0.0` and will be removed in a future release. #####stringified 'true'/'false' values deprecated in `warn` Passing stringified boolean values (strings of 'true' and 'false') to the `warn` parameter of `concat` is deprecated. Generates a catalog compile time warning, and will be silently treated as the concatenated file header/warning message in a future release. Please migrate to using the Puppet DSL's native [Boolean data type](http://docs.puppetlabs.com/puppet/3/reference/lang_datatypes.html#booleans). **`concat::fragment` has the following deprecations** #####`backup` Generates a catalog compile time warning and has no effect. In the `1.0.0` release this parameter controlled file bucketing of the file fragment. Bucketing the fragment(s) is redundant with bucketing the final concatenated file and this feature has been removed. #####`group` Generates a catalog compile time warning and has no effect. Had no user-visible effect in version `1.0.0` and will be removed in a future release. #####`mode` Generates a catalog compile time warning and has no effect. Had no user-visible effect in version `1.0.0` and will be removed in a future release. #####`owner` Generates a catalog compile time warning and has no effect. Had no user-visible effect in version `1.0.0` and will be removed in a future release. #####file paths are deprecated in `ensure` Passing a value other than 'present' or 'absent' in the `ensure` parameter of `concat::fragment` is **deprecated**, and generates a catalog compile time warning. The warning will become a catalog compilation failure in a future release. If you want to use the content of a file as a fragment please use the [`source`](#source) parameter. ####`concat::setup` The `concat::setup` class should no longer be directly included in the manifest. It will be removed in a future release. ##Limitations This module has been tested on [all PE-supported platforms](https://forge.puppetlabs.com/supported#compat-matrix), and no issues have been identified. ##Development Puppet Labs modules on the Puppet Forge are open projects, and community contributions are essential for keeping them great. We can't access the huge number of platforms and myriad of hardware, software, and deployment configurations that Puppet is intended to serve. We want to keep it as easy as possible to contribute changes so that our modules work in your environment. There are a few guidelines that we need contributors to follow so that we can have a chance of keeping on top of things. For more information, see our [module contribution guide.](https://docs.puppetlabs.com/forge/contributing.html) ###Contributors To see who's already involved, see the [list of contributors.](https://github.com/puppetlabs/puppetlabs-concat/graphs/contributors) diff --git a/manifests/init.pp b/manifests/init.pp index 29930b1..b1bbb8a 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -1,280 +1,301 @@ # == Define: concat # # Sets up so that you can use fragments to build a final config file, # # === Options: # # [*ensure*] # Present/Absent # [*path*] # The path to the final file. Use this in case you want to differentiate # between the name of a resource and the file path. Note: Use the name you # provided in the target of your fragments. # [*owner*] # Who will own the file # [*group*] # Who will own the file # [*mode*] # The mode of the final file # [*force*] # Enables creating empty files if no fragments are present # [*warn*] # Adds a normal shell style comment top of the file indicating that it is # built by puppet # [*force*] # [*backup*] # Controls the filebucketing behavior of the final file and see File type # reference for its use. Defaults to 'puppet' # [*backup_fragments*] # Enables backup of fragments using the backup setting of the target # concat file. Defaults to 'false' # [*replace*] # Whether to replace a file that already exists on the local system # [*order*] # [*ensure_newline*] # [*gnu*] # Deprecated +# [*selinux_ignore_defaults*] +# [*selrange*] +# [*selrole*] +# [*seltype*] # # === Actions: # * Creates fragment directories if it didn't exist already # * Executes the concatfragments.rb script to build the final file, this # script will create directory/fragments.concat. Execution happens only # when: # * The directory changes # * fragments.concat != final destination, this means rebuilds will happen # whenever someone changes or deletes the final file. Checking is done # using /usr/bin/cmp. # * The Exec gets notified by something else - like the concat::fragment # define # * Copies the file over to the final destination using a file resource # # === Aliases: # # * The exec can notified using Exec["concat_/path/to/file"] or # Exec["concat_/path/to/directory"] # * The final file can be referenced as File["/path/to/file"] or # File["concat_/path/to/file"] # define concat( - $ensure = 'present', - $path = $name, - $owner = undef, - $group = undef, - $mode = '0644', - $warn = false, - $force = false, - $backup = 'puppet', - $backup_fragments = false, - $replace = true, - $order = 'alpha', - $ensure_newline = false, - $validate_cmd = undef, - $gnu = undef + $ensure = 'present', + $path = $name, + $owner = undef, + $group = undef, + $mode = '0644', + $warn = false, + $force = false, + $backup = 'puppet', + $backup_fragments = false, + $replace = true, + $order = 'alpha', + $ensure_newline = false, + $validate_cmd = undef, + $gnu = undef, + $selinux_ignore_defaults = undef, + $selrange = undef, + $selrole = undef, + $seltype = undef, + $seluser = undef ) { validate_re($ensure, '^present$|^absent$') validate_absolute_path($path) validate_string($owner) validate_string($group) validate_string($mode) if ! (is_string($warn) or $warn == true or $warn == false) { fail('$warn is not a string or boolean') } validate_bool($force) if ! concat_is_bool($backup) and ! is_string($backup) { fail('$backup must be string or bool!') } validate_bool($backup_fragments) validate_bool($replace) validate_re($order, '^alpha$|^numeric$') validate_bool($ensure_newline) if $validate_cmd and ! is_string($validate_cmd) { fail('$validate_cmd must be a string') } if $gnu { warning('The $gnu parameter to concat is deprecated and has no effect') } + if $selinux_ignore_defaults { + validate_bool($selinux_ignore_defaults) + } + validate_string($selrange) + validate_string($selrole) + validate_string($seltype) + validate_string($seluser) include concat::setup $safe_name = regsubst($name, '[/:]', '_', 'G') $concatdir = $concat::setup::concatdir $fragdir = "${concatdir}/${safe_name}" $concat_name = 'fragments.concat.out' $script_command = $concat::setup::script_command $default_warn_message = '# This file is managed by Puppet. DO NOT EDIT.' $bool_warn_message = 'Using stringified boolean values (\'true\', \'yes\', \'on\', \'false\', \'no\', \'off\') to represent boolean true/false as the $warn parameter to concat is deprecated and will be treated as the warning message in a future release' # lint:ignore:quoted_booleans case $warn { true: { $warn_message = $default_warn_message } # lint:ignore:quoted_booleans 'true', 'yes', 'on': { # lint:endignore warning($bool_warn_message) $warn_message = $default_warn_message } false: { $warn_message = '' } # lint:ignore:quoted_booleans 'false', 'no', 'off': { # lint:endignore warning($bool_warn_message) $warn_message = '' } default: { $warn_message = $warn } } # lint:endignore $warnmsg_escaped = regsubst($warn_message, '\'', '\'\\\'\'', 'G') $warnflag = $warnmsg_escaped ? { '' => '', default => "-w '${warnmsg_escaped}'" } $forceflag = $force ? { true => '-f', false => '', } $orderflag = $order ? { 'numeric' => '-n', 'alpha' => '', } $newlineflag = $ensure_newline ? { true => '-l', false => '', } if $ensure == 'present' { file { $fragdir: ensure => directory, mode => '0750', backup => false, } file { "${fragdir}/fragments": ensure => directory, mode => '0750', force => true, ignore => ['.svn', '.git', '.gitignore'], notify => Exec["concat_${name}"], backup => false, purge => true, recurse => true, } file { "${fragdir}/fragments.concat": ensure => present, mode => '0640', backup => false, } file { "${fragdir}/${concat_name}": ensure => present, mode => '0640', backup => false, } file { $name: - ensure => present, - owner => $owner, - group => $group, - mode => $mode, - replace => $replace, - path => $path, - alias => "concat_${name}", - source => "${fragdir}/${concat_name}", - backup => $backup, + ensure => present, + owner => $owner, + group => $group, + mode => $mode, + selinux_ignore_defaults => $selinux_ignore_defaults, + selrange => $selrange, + selrole => $selrole, + seltype => $seltype, + seluser => $seluser, + replace => $replace, + path => $path, + alias => "concat_${name}", + source => "${fragdir}/${concat_name}", + backup => $backup, } # Only newer versions of puppet 3.x support the validate_cmd parameter if $validate_cmd { File[$name] { validate_cmd => $validate_cmd, } } # remove extra whitespace from string interpolation to make testing easier $command = strip(regsubst("${script_command} -o \"${fragdir}/${concat_name}\" -d \"${fragdir}\" ${warnflag} ${forceflag} ${orderflag} ${newlineflag}", '\s+', ' ', 'G')) # make sure ruby is in the path for PE if defined('$is_pe') and str2bool("${::is_pe}") { # lint:ignore:only_variable_string if $::kernel == 'windows' { $command_path = "${::env_windows_installdir}/bin:${::path}" } else { $command_path = "/opt/puppetlabs/puppet/bin:/opt/puppet/bin:${::path}" } } elsif $::kernel == 'windows' { $command_path = $::path } else { $command_path = "/opt/puppetlabs/puppet/bin:${::path}" } # if puppet is running as root, this exec should also run as root to allow # the concatfragments.rb script to potentially be installed in path that # may not be accessible by a target non-root owner. exec { "concat_${name}": alias => "concat_${fragdir}", command => $command, notify => File[$name], subscribe => File[$fragdir], unless => "${command} -t", path => $command_path, user => undef, group => undef, require => [ File[$fragdir], File["${fragdir}/fragments"], File["${fragdir}/fragments.concat"], ], } } else { file { [ $fragdir, "${fragdir}/fragments", "${fragdir}/fragments.concat", "${fragdir}/${concat_name}" ]: ensure => absent, force => true, backup => false, } file { $path: ensure => absent, backup => $backup, } # lint:ignore:quoted_booleans $absent_exec_command = $::kernel ? { 'windows' => 'cmd.exe /c exit 0', # lint:ignore:quoted_booleans default => 'true', # lint:endignore } # lint:endignore $absent_exec_path = $::kernel ? { 'windows' => $::path, default => '/bin:/usr/bin', } # Need to have an unless here for idempotency. exec { "concat_${name}": alias => "concat_${fragdir}", command => $absent_exec_command, unless => $absent_exec_command, path => $absent_exec_path, user => undef, group => undef, } } } # vim:sw=2:ts=2:expandtab:textwidth=79 diff --git a/spec/unit/defines/concat_spec.rb b/spec/unit/defines/concat_spec.rb index fc110d9..6501a9f 100644 --- a/spec/unit/defines/concat_spec.rb +++ b/spec/unit/defines/concat_spec.rb @@ -1,432 +1,478 @@ require 'spec_helper' describe 'concat', :type => :define do shared_examples 'concat' do |title, params, id| params = {} if params.nil? id = 'root' if id.nil? # default param values p = { :ensure => 'present', :path => title, :owner => nil, :group => nil, :mode => '0644', :warn => false, :force => false, :backup => 'puppet', :backup_fragments => false, :replace => true, :order => 'alpha', :ensure_newline => false, :validate_cmd => nil, }.merge(params) safe_name = title.gsub('/', '_') concatdir = '/var/lib/puppet/concat' fragdir = "#{concatdir}/#{safe_name}" concat_name = 'fragments.concat.out' default_warn_message = '# This file is managed by Puppet. DO NOT EDIT.' let(:title) { title } let(:params) { params } let(:facts) do { :concat_basedir => concatdir, :id => id, :osfamily => 'Debian', :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', :kernel => 'Linux', :is_pe => false, } end if p[:ensure] == 'present' it do should contain_file(fragdir).with({ :ensure => 'directory', :mode => '0750', }) end it do should contain_file("#{fragdir}/fragments").with({ :ensure => 'directory', :mode => '0750', :force => true, :ignore => ['.svn', '.git', '.gitignore'], :backup => false, :purge => true, :recurse => true, }) end [ "#{fragdir}/fragments.concat", "#{fragdir}/#{concat_name}", ].each do |file| it do should contain_file(file).with({ :ensure => 'present', :mode => '0640', }) end end it do should contain_file(title).with({ - :ensure => 'present', - :owner => p[:owner], - :group => p[:group], - :mode => p[:mode], - :replace => p[:replace], - :path => p[:path], - :alias => "concat_#{title}", - :source => "#{fragdir}/#{concat_name}", - :validate_cmd => p[:validate_cmd], - :backup => p[:backup], + :ensure => 'present', + :owner => p[:owner], + :group => p[:group], + :mode => p[:mode], + :replace => p[:replace], + :path => p[:path], + :alias => "concat_#{title}", + :source => "#{fragdir}/#{concat_name}", + :validate_cmd => p[:validate_cmd], + :backup => p[:backup], + :selinux_ignore_defaults => p[:selinux_ignore_defaults], + :selrange => p[:selrange], + :selrole => p[:selrole], + :seltype => p[:seltype], + :seluser => p[:seluser], }) end cmd = "#{concatdir}/bin/concatfragments.rb " + "-o \"#{concatdir}/#{safe_name}/fragments.concat.out\" " + "-d \"#{concatdir}/#{safe_name}\"" # flag order: fragdir, warnflag, forceflag, orderflag, newlineflag if p.has_key?(:warn) case p[:warn] when TrueClass message = default_warn_message when 'true', 'yes', 'on' # should generate a stringified boolean warning message = default_warn_message when FalseClass message = nil when 'false', 'no', 'off' # should generate a stringified boolean warning message = nil else message = p[:warn] end unless message.nil? cmd += " -w \'#{message}\'" end end cmd += " -f" if p[:force] cmd += " -n" if p[:order] == 'numeric' cmd += " -l" if p[:ensure_newline] == true it do should contain_exec("concat_#{title}").with({ :alias => "concat_#{fragdir}", :command => cmd, :unless => "#{cmd} -t", }) end else [ fragdir, "#{fragdir}/fragments", "#{fragdir}/fragments.concat", "#{fragdir}/#{concat_name}", ].each do |file| it do should contain_file(file).with({ :ensure => 'absent', :force => true, }) end end it do should contain_file(title).with({ :ensure => 'absent', :backup => p[:backup], }) end it do should contain_exec("concat_#{title}").with({ :alias => "concat_#{fragdir}", :command => 'true', :unless => 'true', :path => '/bin:/usr/bin', }) end end end context 'title' do context 'without path param' do # title/name is the default value for the path param. therefore, the # title must be an absolute path unless path is specified ['/foo', '/foo/bar', '/foo/bar/baz'].each do |title| context title do it_behaves_like 'concat', '/etc/foo.bar' end end ['./foo', 'foo', 'foo/bar'].each do |title| context title do let(:title) { title } it 'should fail' do expect { catalogue }.to raise_error(Puppet::Error, /is not an absolute path/) end end end end context 'with path param' do ['./foo', 'foo', 'foo/bar'].each do |title| context title do it_behaves_like 'concat', title, { :path => '/etc/foo.bar' } end end end end # title => context 'as non-root user' do it_behaves_like 'concat', '/etc/foo.bar', {}, 'bob' end context 'ensure =>' do ['present', 'absent'].each do |ens| context ens do it_behaves_like 'concat', '/etc/foo.bar', { :ensure => ens } end end context 'invalid' do let(:title) { '/etc/foo.bar' } let(:params) {{ :ensure => 'invalid' }} it 'should fail' do expect { catalogue }.to raise_error(Puppet::Error, /#{Regexp.escape('does not match "^present$|^absent$"')}/) end end end # ensure => context 'path =>' do context '/foo' do it_behaves_like 'concat', '/etc/foo.bar', { :path => '/foo' } end ['./foo', 'foo', 'foo/bar', false].each do |path| context path do let(:title) { '/etc/foo.bar' } let(:params) {{ :path => path }} it 'should fail' do expect { catalogue }.to raise_error(Puppet::Error, /is not an absolute path/) end end end end # path => context 'owner =>' do context 'apenney' do it_behaves_like 'concat', '/etc/foo.bar', { :owner => 'apenny' } end context 'false' do let(:title) { '/etc/foo.bar' } let(:params) {{ :owner => false }} it 'should fail' do expect { catalogue }.to raise_error(Puppet::Error, /is not a string/) end end end # owner => context 'group =>' do context 'apenney' do it_behaves_like 'concat', '/etc/foo.bar', { :group => 'apenny' } end context 'false' do let(:title) { '/etc/foo.bar' } let(:params) {{ :group => false }} it 'should fail' do expect { catalogue }.to raise_error(Puppet::Error, /is not a string/) end end end # group => context 'mode =>' do context '1755' do it_behaves_like 'concat', '/etc/foo.bar', { :mode => '1755' } end context 'false' do let(:title) { '/etc/foo.bar' } let(:params) {{ :mode => false }} it 'should fail' do expect { catalogue }.to raise_error(Puppet::Error, /is not a string/) end end end # mode => context 'warn =>' do [true, false, '# foo'].each do |warn| context warn do it_behaves_like 'concat', '/etc/foo.bar', { :warn => warn } end end context '(stringified boolean)' do ['true', 'yes', 'on', 'false', 'no', 'off'].each do |warn| context warn do it_behaves_like 'concat', '/etc/foo.bar', { :warn => warn } it 'should create a warning' do skip('rspec-puppet support for testing warning()') end end end end context '123' do let(:title) { '/etc/foo.bar' } let(:params) {{ :warn => 123 }} it 'should fail' do expect { catalogue }.to raise_error(Puppet::Error, /is not a string or boolean/) end end end # warn => context 'force =>' do [true, false].each do |force| context force do it_behaves_like 'concat', '/etc/foo.bar', { :force => force } end end context '123' do let(:title) { '/etc/foo.bar' } let(:params) {{ :force => 123 }} it 'should fail' do expect { catalogue }.to raise_error(Puppet::Error, /is not a boolean/) end end end # force => context 'backup =>' do context 'reverse' do it_behaves_like 'concat', '/etc/foo.bar', { :backup => 'reverse' } end context 'false' do it_behaves_like 'concat', '/etc/foo.bar', { :backup => false } end context 'true' do it_behaves_like 'concat', '/etc/foo.bar', { :backup => true } end context 'true' do let(:title) { '/etc/foo.bar' } let(:params) {{ :backup => [] }} it 'should fail' do expect { catalogue }.to raise_error(Puppet::Error, /backup must be string or bool/) end end end # backup => context 'backup_fragments =>' do context 'true' do it_behaves_like 'concat', '/etc/foo.bar', { :backup_fragments => true } end context 'false' do it_behaves_like 'concat', '/etc/foo.bar', { :backup_fragments => false } end context 'invalid' do let(:title) { '/etc/foo.bar' } let(:params) {{ :backup_fragments => "invalid" }} it 'should fail' do expect { catalogue }.to raise_error(Puppet::Error, /is not a boolean/) end end end # backup_fragments => context 'replace =>' do [true, false].each do |replace| context replace do it_behaves_like 'concat', '/etc/foo.bar', { :replace => replace } end end context '123' do let(:title) { '/etc/foo.bar' } let(:params) {{ :replace => 123 }} it 'should fail' do expect { catalogue }.to raise_error(Puppet::Error, /is not a boolean/) end end end # replace => context 'order =>' do ['alpha', 'numeric'].each do |order| context order do it_behaves_like 'concat', '/etc/foo.bar', { :order => order } end end context 'invalid' do let(:title) { '/etc/foo.bar' } let(:params) {{ :order => 'invalid' }} it 'should fail' do expect { catalogue }.to raise_error(Puppet::Error, /#{Regexp.escape('does not match "^alpha$|^numeric$"')}/) end end end # order => context 'ensure_newline =>' do [true, false].each do |ensure_newline| context 'true' do it_behaves_like 'concat', '/etc/foo.bar', { :ensure_newline => ensure_newline} end end context '123' do let(:title) { '/etc/foo.bar' } let(:params) {{ :ensure_newline => 123 }} it 'should fail' do expect { catalogue }.to raise_error(Puppet::Error, /is not a boolean/) end end end # ensure_newline => context 'validate_cmd =>' do if Puppet::Util::Package::versioncmp(Puppet::version, '3.5.0') > 0 context '/usr/bin/test -e %' do it_behaves_like 'concat', '/etc/foo.bar', { :validate_cmd => '/usr/bin/test -e %' } end [ 1234, true ].each do |cmd| context cmd do let(:title) { '/etc/foo.bar' } let(:params) {{ :validate_cmd => cmd }} it 'should fail' do expect { catalogue }.to raise_error(Puppet::Error, /\$validate_cmd must be a string/) end end end end end # validate_cmd => + context 'selinux_ignore_defaults =>' do + let(:title) { '/etc/foo.bar' } + + [true, false].each do |v| + context v do + it_behaves_like 'concat', '/etc/foo.bar', { :selinux_ignore_defaults => v } + end + end + + context '123' do + let(:title) { '/etc/foo.bar' } + let(:params) {{ :selinux_ignore_defaults => 123 }} + it 'should fail' do + expect { catalogue }.to raise_error(Puppet::Error, /is not a boolean/) + end + end + end # selinux_ignore_defaults => + + [ + :selrange, + :selrole, + :seltype, + :seluser, + ].each do |p| + context " #{p} =>" do + let(:title) { '/etc/foo.bar' } + + context 'foo' do + it_behaves_like 'concat', '/etc/foo.bar', { p => 'foo' } + end + + context 'false' do + let(:title) { '/etc/foo.bar' } + let(:params) {{ p => false }} + it 'should fail' do + expect { catalogue }.to raise_error(Puppet::Error, /is not a string/) + end + end + end # #{p} => + end + describe 'deprecated parameter' do context 'gnu =>' do context 'foo' do it_behaves_like 'concat', '/etc/foo.bar', { :gnu => 'foo'} it 'should create a warning' do skip('rspec-puppet support for testing warning()') end end end end end # vim:sw=2:ts=2:expandtab:textwidth=79