diff --git a/.sync.yml b/.sync.yml index 20efc90..f9e61bf 100644 --- a/.sync.yml +++ b/.sync.yml @@ -1,28 +1,28 @@ --- .travis.yml: beaker_sets: - centos7-64 - centos6-64 - debian8-64 - debian9-64 env: global: - PARALLEL_TEST_PROCESSORS=8 beaker_puppet_collections: - pc1 - puppet5 - puppet6 Rakefile: param_docs_pattern: - manifests/init.pp spec/spec_helper.rb: extra_code: | aio = on_os_under_test.reject do |os, facts| - ['FreeBSD', 'DragonFly', 'Windows'].include?(facts[:operatingsystem]) + ['Archlinux', 'FreeBSD', 'DragonFly', 'Windows'].include?(facts[:operatingsystem]) end.keys add_custom_fact :rubysitedir, '/opt/puppetlabs/puppet/lib/ruby/site_ruby/2.1.0', :confine => aio def unsupported_puppetmaster_osfamily(osfamily) ['Archlinux', 'windows', 'Suse'].include?(osfamily) end diff --git a/spec/classes/puppet_agent_spec.rb b/spec/classes/puppet_agent_spec.rb index abd552f..e2f6f7a 100644 --- a/spec/classes/puppet_agent_spec.rb +++ b/spec/classes/puppet_agent_spec.rb @@ -1,347 +1,352 @@ require 'spec_helper' require 'deep_merge' describe 'puppet' do on_os_under_test.each do |os, facts| context "on #{os}" do case facts[:osfamily] when 'FreeBSD' bindir = '/usr/local/bin' client_package = Puppet.version < '5.0' ? 'puppet4' : 'puppet5' confdir = '/usr/local/etc/puppet' package_provider = nil when 'windows' bindir = 'C:/ProgramData/PuppetLabs/puppet/bin' client_package = 'puppet-agent' confdir = 'C:/ProgramData/PuppetLabs/puppet/etc' package_provider = 'chocolatey' + when 'Archlinux' + bindir = '/usr/bin' + client_package = 'puppet' + confdir = '/etc/puppetlabs/puppet' + package_provider = nil else bindir = '/opt/puppetlabs/bin' client_package = 'puppet-agent' confdir = '/etc/puppetlabs/puppet' package_provider = nil end let :facts do facts.deep_merge( # rspec-puppet(-facts) doesn't mock this clientcert: 'client.example.com', # Cron/systemd timers are based on the IP - make it consistent networking: { ip: '192.0.2.100' } ) end let :params do { agent: true } end describe 'with no custom parameters' do # For windows we specify a package provider which doesn't compile if facts[:osfamily] != 'windows' it { is_expected.to compile.with_all_deps } end # install it do is_expected.to contain_class('puppet::agent::install') .with_manage_packages(true) .with_package_name([client_package]) .with_package_version('present') .with_package_provider(package_provider) .with_package_source(nil) .that_notifies(['Class[puppet::agent::config]', 'Class[puppet::agent::service]']) end it do is_expected.to contain_package(client_package) .with_ensure('present') .with_provider(package_provider) .with_source(nil) end # config it { is_expected.to contain_class('puppet::agent::config').that_notifies('Class[puppet::agent::service]') } it { is_expected.to contain_file(confdir).with_ensure('directory') } it { is_expected.to contain_concat("#{confdir}/puppet.conf") } it { is_expected.to contain_concat__fragment('puppet.conf_agent').with_content(/^\[agent\]/) } it { is_expected.to contain_puppet__config__agent('certname').with_value(facts[:clientcert]) } it { is_expected.to contain_puppet__config__agent('report').with_value('true') } it { is_expected.not_to contain_puppet__config__agent('prerun_command') } it { is_expected.not_to contain_puppet__config__agent('postrun_command') } if facts[:osfamily] == 'Debian' it do is_expected.to contain_augeas('puppet::set_start') .with_context('/files/etc/default/puppet') .with_changes('set START yes') .with_incl('/etc/default/puppet') .with_lens('Shellvars.lns') end it { is_expected.to contain_file('/var/lib/puppet/state/agent_disabled.lock').with_ensure(:absent) } end # service it { is_expected.to contain_class('puppet::agent::service') } it { is_expected.to contain_class('puppet::agent::service::daemon').with_enabled(true) } it do is_expected.to contain_service('puppet') .with_ensure('running') .with_name('puppet') .with_hasstatus('true') .with_enable('true') end it { is_expected.to contain_class('puppet::agent::service::cron').with_enabled(false) } if os =~ /\A(windows|archlinux)/ it { is_expected.not_to contain_cron('puppet') } else it { is_expected.to contain_cron('puppet').with_ensure('absent') } end it { is_expected.to contain_class('puppet::agent::service::systemd').with_enabled(false) } case os when /\Adebian-/, /\A(redhat|centos|scientific)-7/, /\Afedora-/, /\Aubuntu-(16|18)/, /\Aarchlinux-/ it do is_expected.to contain_exec('systemctl-daemon-reload-puppet') .with_refreshonly(true) .with_command('systemctl daemon-reload') end it do is_expected.to contain_service('puppet-run.timer') .with_ensure(:stopped) .with_provider('systemd') .with_name('puppet-run.timer') .with_enable(false) end it { is_expected.to contain_file('/etc/systemd/system/puppet-run.timer').with_ensure(:absent) } it { is_expected.to contain_file('/etc/systemd/system/puppet-run.service').with_ensure(:absent) } else it { is_expected.not_to contain_service('puppet-run.timer') } it { is_expected.not_to contain_file('/etc/systemd/system/puppet-run.timer') } it { is_expected.not_to contain_file('/etc/systemd/system/puppet-run.service') } it { is_expected.not_to contain_exec('systemctl-daemon-reload-puppet') } end end describe 'set prerun_command will be included in config' do let :params do super().merge(prerun_command: '/my/prerun') end it { is_expected.to contain_puppet__config__agent('prerun_command').with_value('/my/prerun') } end describe 'set postrun_command will be included in config' do let :params do super().merge(postrun_command: '/my/postrun') end it { is_expected.to contain_puppet__config__agent('postrun_command').with_value('/my/postrun') } end describe 'with additional settings' do let :params do super().merge(agent_additional_settings: { 'ignoreschedules' => true }) end it { is_expected.to contain_puppet__config__agent('ignoreschedules').with_value('true') } end context 'manage_packages' do describe 'when manage_packages => false' do let :params do super().merge(manage_packages: false) end - it { is_expected.not_to contain_package('puppet-agent') } + it { is_expected.not_to contain_package(client_package) } end describe "when manage_packages => 'agent'" do let :params do super().merge(manage_packages: 'agent') end - it { is_expected.to contain_package('puppet-agent') } + it { is_expected.to contain_package(client_package) } end describe "when manage_packages => 'server'" do let :params do super().merge(manage_packages: 'server') end - it { is_expected.not_to contain_package('puppet-agent') } + it { is_expected.not_to contain_package(client_package) } end end context 'runmode' do describe 'when runmode => cron' do let :params do super().merge(runmode: 'cron') end case os when /\A(windows|archlinux)/ it { is_expected.to raise_error(Puppet::Error, /Runmode of cron not supported on #{facts[:kernel]} operating systems!/) } when /\Adebian-/, /\A(redhat|centos|scientific)-7/, /\Afedora-/, /\Aubuntu-(16|18)/ it { is_expected.to compile.with_all_deps } it { is_expected.to contain_concat__fragment('puppet.conf_agent') } if facts[:osfamily] == 'Debian' it do is_expected.to contain_augeas('puppet::set_start') .with_context('/files/etc/default/puppet') .with_changes('set START no') .with_incl('/etc/default/puppet') .with_lens('Shellvars.lns') end it { is_expected.to contain_file('/var/lib/puppet/state/agent_disabled.lock').with_ensure(:absent) } end it { is_expected.to contain_class('puppet::agent::service::cron').with_enabled(true) } it { is_expected.to contain_class('puppet::agent::service::daemon').with_enabled(false) } it do is_expected.to contain_service('puppet') .with_ensure('stopped') .with_name('puppet') .with_hasstatus('true') .with_enable('false') end it { is_expected.to contain_class('puppet::agent::service::systemd').with_enabled(false) } it { is_expected.to contain_service('puppet-run.timer').with_ensure(:stopped) } it do is_expected.to contain_cron('puppet') .with_command("#{bindir}/puppet agent --config #{confdir}/puppet.conf --onetime --no-daemonize") .with_user('root') .with_minute(%w[10 40]) .with_hour('*') end else it { is_expected.to compile.with_all_deps } it { is_expected.to contain_class('puppet::agent::service::cron').with_enabled(true) } it { is_expected.to contain_class('puppet::agent::service::daemon').with_enabled(false) } it { is_expected.to contain_class('puppet::agent::service::systemd').with_enabled(false) } it { is_expected.not_to contain_service('puppet-run.timer') } it do is_expected.to contain_cron('puppet') .with_command("#{bindir}/puppet agent --config #{confdir}/puppet.conf --onetime --no-daemonize") .with_user('root') .with_minute(%w[10 40]) .with_hour('*') end end end describe 'when runmode => systemd.timer' do let :params do super().merge(runmode: 'systemd.timer') end case os when /\Adebian-/, /\A(redhat|centos|scientific)-7/, /\Afedora-/, /\Aubuntu-(16|18)/, /\Aarchlinux-/ it { is_expected.to compile.with_all_deps } it { is_expected.to contain_class('puppet::agent::service::daemon').with_enabled(false) } it { is_expected.to contain_class('puppet::agent::service::cron').with_enabled(false) } it { is_expected.to contain_class('puppet::agent::service::systemd').with_enabled(true) } it { is_expected.to contain_service('puppet-run.timer').with_ensure(:running) } it do is_expected.to contain_file('/etc/systemd/system/puppet-run.timer') .with_content(/.*OnCalendar\=\*-\*-\* \*\:10,40:00.*/) end it do is_expected.to contain_file('/etc/systemd/system/puppet-run.timer') .with_content(/^RandomizedDelaySec\=0$/) end it do is_expected.to contain_file('/etc/systemd/system/puppet-run.service') - .with_content(%r{.*ExecStart=#{bindir}/puppet agent --config #{confdir}/puppet.conf --onetime --no-daemonize.*}) + .with_content(%r{^ExecStart=#{bindir}/puppet agent --config #{confdir}/puppet.conf --onetime --no-daemonize --detailed-exitcode --no-usecacheonfailure$}) end it do is_expected.to contain_exec('systemctl-daemon-reload-puppet') .with_refreshonly(true) .with_command('systemctl daemon-reload') end it do is_expected.to contain_service('puppet-run.timer') .with_provider('systemd') .with_ensure('running') .with_name('puppet-run.timer') .with_enable('true') end else it { is_expected.to raise_error(Puppet::Error, /Runmode of systemd.timer not supported on #{facts[:kernel]} operating systems!/) } end end describe 'when runmode => none' do let :params do super().merge(runmode: 'none') end # For windows we specify a package provider which doesn't compile if facts[:osfamily] != 'windows' it { is_expected.to compile.with_all_deps } end it { is_expected.to contain_class('puppet::agent::service::daemon').with_enabled(false) } it { is_expected.to contain_class('puppet::agent::service::cron').with_enabled(false) } it { is_expected.to contain_class('puppet::agent::service::systemd').with_enabled(false) } case os when /\Adebian-/, /\A(redhat|centos|scientific)-7/, /\Afedora-/, /\Aubuntu-(16|18)/, /\Aarchlinux-/ it { is_expected.to contain_service('puppet-run.timer').with_ensure(:stopped) } else it { is_expected.not_to contain_service('puppet-run.timer') } end end end describe 'when unavailable_runmodes => ["cron"]' do let :params do super().merge(unavailable_runmodes: ['cron']) end it { is_expected.not_to contain_cron('puppet') } end describe 'with custom service_name' do let :params do super().merge(service_name: 'pe-puppet') end it { is_expected.to contain_service('puppet').with_name('pe-puppet') } end context 'with remove_lock => false' do let :params do super().merge(remove_lock: false) end it { should_not contain_file('/var/lib/puppet/state/agent_disabled.lock') } end context 'with client_certname => false' do let :params do super().merge(client_certname: false) end it { is_expected.not_to contain_puppet__config__agent('certname') } end context 'with report => false' do let :params do super().merge(report: false) end it { is_expected.to contain_puppet__config__agent('report').with_value('false') } end end end end diff --git a/spec/classes/puppet_config_spec.rb b/spec/classes/puppet_config_spec.rb index b929e3c..4fb38ff 100644 --- a/spec/classes/puppet_config_spec.rb +++ b/spec/classes/puppet_config_spec.rb @@ -1,192 +1,200 @@ require 'spec_helper' describe 'puppet' do on_os_under_test.each do |os, facts| context "on #{os}" do case facts[:osfamily] when 'FreeBSD' dir_owner = 'puppet' dir_group = 'puppet' confdir = '/usr/local/etc/puppet' logdir = '/var/log/puppet' rundir = '/var/run/puppet' ssldir = '/var/puppet/ssl' vardir = '/var/puppet' when 'windows' dir_owner = nil dir_group = nil confdir = 'C:/ProgramData/PuppetLabs/puppet/etc' logdir = 'C:/ProgramData/PuppetLabs/puppet/var/log' rundir = 'C:/ProgramData/PuppetLabs/puppet/var/run' ssldir = 'C:/ProgramData/PuppetLabs/puppet/etc/ssl' vardir = 'C:/ProgramData/PuppetLabs/puppet/var' + when 'Archlinux' + dir_owner = 'puppet' + dir_group = 'puppet' + confdir = '/etc/puppetlabs/puppet' + logdir = '/var/log/puppetlabs/puppet' + rundir = '/var/run/puppetlabs' + ssldir = '/etc/puppetlabs/puppet/ssl' + vardir = '/opt/puppetlabs/puppet/cache' else dir_owner = 'root' dir_group = nil confdir = '/etc/puppetlabs/puppet' logdir = '/var/log/puppetlabs/puppet' rundir = '/var/run/puppetlabs' ssldir = '/etc/puppetlabs/puppet/ssl' vardir = '/opt/puppetlabs/puppet/cache' end let :facts do facts.merge(domain: 'example.org') end let :params do {} end describe 'with default parameters' do it { is_expected.to contain_file(confdir).with_owner(dir_owner).with_group(dir_group) } it { is_expected.to contain_file("#{confdir}/auth.conf").with_content(%r{/puppet/v3/}) } it { is_expected.not_to contain_file("#{confdir}/auth.conf").with_content(%r{^path /certificate_revocation_list/ca\nmethod find$}) } it { is_expected.not_to contain_puppet__config__main('default_manifest') } it { is_expected.not_to contain_file('/etc/puppet/manifests/default_manifest.pp') } it { is_expected.not_to contain_puppet__config__main('reports') } it { is_expected.to contain_puppet__config__main('vardir').with_value(vardir) } it { is_expected.to contain_puppet__config__main('logdir').with_value(logdir) } it { is_expected.to contain_puppet__config__main('rundir').with_value(rundir) } it { is_expected.to contain_puppet__config__main('ssldir').with_value(ssldir) } it { is_expected.to contain_puppet__config__main('privatekeydir').with_value('$ssldir/private_keys { group = service }') } it { is_expected.to contain_puppet__config__main('hostprivkey').with_value('$privatekeydir/$certname.pem { mode = 640 }') } it { is_expected.to contain_puppet__config__main('show_diff').with_value('false') } it { is_expected.to contain_puppet__config__main('server').with_value(facts[:fqdn]) } end describe 'with allow_any_crl_auth' do let :params do super().merge(allow_any_crl_auth: true) end it { is_expected.to contain_file("#{confdir}/auth.conf").with_content(%r{^path /puppet-ca/v1/certificate_revocation_list/ca\nauth any$}) } end describe 'with auth_allowed' do let :params do super().merge(auth_allowed: ['$1', 'puppetproxy']) end it { is_expected.to contain_file("#{confdir}/auth.conf").with_content(/^allow \$1, puppetproxy$/) } end describe "when dns_alt_names => ['foo','bar']" do let :params do super().merge(dns_alt_names: %w[foo bar]) end it { is_expected.to contain_puppet__config__main('dns_alt_names').with_value(%w[foo bar]) } end describe "when syslogfacility => 'local6'" do let :params do super().merge(syslogfacility: 'local6') end it { is_expected.to contain_puppet__config__main('syslogfacility').with_value('local6') } end describe "when module_repository => 'https://myforgeapi.example.com'" do let :params do super().merge(module_repository: 'https://myforgeapi.example.com') end it { is_expected.to contain_puppet__config__main('module_repository').with_value('https://myforgeapi.example.com') } end describe 'when use_srv_records => true' do let :params do super().merge(use_srv_records: true) end context 'domain fact is defined' do it { is_expected.to contain_puppet__config__main('use_srv_records').with_value('true') } it { is_expected.to contain_puppet__config__main('srv_domain').with_value('example.org') } it { is_expected.to contain_puppet__config__main('pluginsource').with_value('puppet:///plugins') } it { is_expected.to contain_puppet__config__main('pluginfactsource').with_value('puppet:///pluginfacts') } it { is_expected.not_to contain_puppet__config__main('server') } end context 'domain fact is unset' do let(:facts) { facts.merge(domain: nil) } it { is_expected.to raise_error(Puppet::Error, /\$::domain fact found to be undefined and \$srv_domain is undefined/) } end context 'is overriden via param' do let :params do super().merge(srv_domain: 'special.example.com') end it { is_expected.to contain_puppet__config__main('use_srv_records').with_value(true) } it { is_expected.to contain_puppet__config__main('srv_domain').with_value('special.example.com') } end end context 'puppetmaster' do describe "when puppetmaster => 'mymaster.example.com'" do let :params do super().merge(puppetmaster: 'mymaster.example.com') end it { is_expected.to contain_puppet__config__main('server').with_value('mymaster.example.com') } end describe 'puppetmaster parameter overrides global puppetmaster' do let :params do super().merge(puppetmaster: 'mymaster.example.com') end let :facts do facts.merge(puppetmaster: 'global.example.com') end it { is_expected.to contain_puppet__config__main('server').with_value('mymaster.example.com') } end describe 'global puppetmaster overrides fqdn' do let :facts do facts.merge(puppetmaster: 'global.example.com') end it { is_expected.to contain_puppet__config__main('server').with_value('global.example.com') } end context 'when listen' do let :params do super().merge(listen: true) end describe 'puppetmaster default value is used' do it { is_expected.to contain_file("#{confdir}/auth.conf").with_content(%r{^path /run\nauth any\nmethod save\nallow #{facts[:fqdn]}$}) } end describe 'puppetmaster has value' do let :params do super().merge(puppetmaster: 'mymaster.example.com') end it { is_expected.to contain_file("#{confdir}/auth.conf").with_content(%r{^path /run\nauth any\nmethod save\nallow mymaster.example.com$}) } end describe 'listen_to has values' do let :params do super().merge(listen_to: ['node1.example.com', 'node2.example.com']) end it { is_expected.to contain_file("#{confdir}/auth.conf").with_content(%r{^path /run\nauth any\nmethod save\nallow node1\.example\.com,node2\.example\.com$}) } end end end describe 'with additional settings' do let :params do super().merge(additional_settings: { disable_warnings: 'deprecations' }) end it { is_expected.to contain_puppet__config__main('disable_warnings').with_value('deprecations') } end end end end diff --git a/spec/classes/puppet_init_spec.rb b/spec/classes/puppet_init_spec.rb index d5ff07a..e898098 100644 --- a/spec/classes/puppet_init_spec.rb +++ b/spec/classes/puppet_init_spec.rb @@ -1,122 +1,122 @@ require 'spec_helper' describe 'puppet' do on_os_under_test.each do |os, facts| context "on #{os}" do case facts[:osfamily] when 'FreeBSD' puppet_concat = '/usr/local/etc/puppet/puppet.conf' puppet_directory = '/usr/local/etc/puppet' - if Puppet.version < '5.0' - puppet_package = 'puppet4' - else - puppet_package = 'puppet5' - end + puppet_package = Puppet.version < '5.0' ? 'puppet4' : 'puppet5' when 'windows' puppet_concat = 'C:/ProgramData/PuppetLabs/puppet/etc/puppet.conf' puppet_directory = 'C:/ProgramData/PuppetLabs/puppet/etc' puppet_package = 'puppet-agent' + when 'Archlinux' + puppet_concat = '/etc/puppetlabs/puppet/puppet.conf' + puppet_directory = '/etc/puppetlabs/puppet' + puppet_package = 'puppet' else puppet_concat = '/etc/puppetlabs/puppet/puppet.conf' puppet_directory = '/etc/puppetlabs/puppet' puppet_package = 'puppet-agent' end let :facts do facts end describe 'with no custom parameters' do it { is_expected.to compile.with_all_deps unless facts[:osfamily] == 'windows' } it { should contain_class('puppet::agent') } it { should contain_class('puppet::config') } it { should_not contain_class('puppet::server') } it { should contain_file(puppet_directory).with_ensure('directory') } it { should contain_concat(puppet_concat) } it { should contain_package(puppet_package).with_ensure('present') } end describe 'with server => true', :unless => unsupported_puppetmaster_osfamily(facts[:osfamily]) do let :params do { :server => true, } end it { is_expected.to compile.with_all_deps } it { should contain_class('puppet::server') } it { should contain_class('puppet::agent::service').that_requires('Class[puppet::server]') } end describe 'with empty ca_server' do let :params do { :ca_server => '', } end it { should_not contain_puppet__config__main('ca_server') } end describe 'with ca_server' do let :params do { :ca_server => 'ca.example.org', } end it { should contain_puppet__config__main('ca_server').with_value('ca.example.org') } end describe 'with undef ca_port' do let :params do { :ca_port => :undef, } end it { should_not contain_puppet__config__main('ca_port') } end describe 'with ca_port' do let :params do { :ca_port => 8140, } end it { should contain_puppet__config__main('ca_port').with_value(8140) } end describe 'with package_source => Httpurl' do let :params do { :package_source => 'https://example.com:123/test' } end if facts[:osfamily] != 'windows' it { is_expected.to compile } end end describe 'with package_source => Unixpath' do let :params do { :package_source => '/test/folder/path/source.rpm' } end if facts[:osfamily] != 'windows' it { is_expected.to compile } end end describe 'with package_source => Windowspath' do let :params do { :package_source => 'C:\test\folder\path\source.exe' } end if facts[:osfamily] != 'windows' it { is_expected.to compile } end end describe 'with package_source => foo' do let :params do { :package_source => 'foo' } end if facts[:osfamily] != 'windows' it { is_expected.not_to compile } end end end end end diff --git a/spec/classes/puppet_server_puppetserver_spec.rb b/spec/classes/puppet_server_puppetserver_spec.rb index 088322e..d984e30 100644 --- a/spec/classes/puppet_server_puppetserver_spec.rb +++ b/spec/classes/puppet_server_puppetserver_spec.rb @@ -1,539 +1,547 @@ require 'spec_helper' describe 'puppet' do on_os_under_test.each do |os, facts| next if unsupported_puppetmaster_osfamily(facts[:osfamily]) context "on #{os}" do let(:facts) do facts end let(:auth_conf) { '/etc/custom/puppetserver/conf.d/auth.conf' } let(:puppetserver_conf) { '/etc/custom/puppetserver/conf.d/puppetserver.conf' } let(:params) do { server: true, # We set these values because they're calculated server_jvm_config: '/etc/default/puppetserver', server_jvm_min_heap_size: '2G', server_jvm_max_heap_size: '2G', server_jvm_extra_args: '', server_max_active_instances: 2, server_puppetserver_dir: '/etc/custom/puppetserver', server_puppetserver_version: '2.7.0', } end + let(:server_vardir) do + if ['FreeBSD', 'DragonFly'].include?(facts[:operatingsystem]) + '/var/puppet/server/data/puppetserver' + else + '/opt/puppetlabs/server/data/puppetserver' + end + end + describe 'with default parameters' do it { should contain_file('/etc/custom/puppetserver/services.d').with_ensure('directory') } it { should contain_file('/etc/custom/puppetserver/services.d/ca.cfg') .with_content(%r{^puppetlabs.services.ca.certificate-authority-service/certificate-authority-service}) .with_content(%r{^#puppetlabs.services.ca.certificate-authority-disabled-service/certificate-authority-disabled-service}) .without_content(%r{^puppetlabs.trapperkeeper.services.watcher.filesystem-watch-service/filesystem-watch-service}) } if facts[:osfamily] == 'FreeBSD' it { should contain_augeas('puppet::server::puppetserver::jvm') .with_changes(['set puppetserver_java_opts \'"-Xms2G -Xmx2G"\'']) .with_context('/files/etc/rc.conf') } else it { should contain_file('/opt/puppetlabs/server/apps/puppetserver/config').with_ensure('directory') } it { should contain_file('/opt/puppetlabs/server/apps/puppetserver/config/services.d').with_ensure('directory') } it { should contain_augeas('puppet::server::puppetserver::bootstrap') .with_changes('set BOOTSTRAP_CONFIG \'"/etc/custom/puppetserver/services.d/,/opt/puppetlabs/server/apps/puppetserver/config/services.d/"\'') } it { should contain_augeas('puppet::server::puppetserver::jvm') .with_changes(['set JAVA_ARGS \'"-Xms2G -Xmx2G"\'', 'set JAVA_BIN /usr/bin/java']) .with_context('/files/etc/default/puppetserver') .with_incl('/etc/default/puppetserver') .with_lens('Shellvars.lns') } end it { should contain_file('/etc/custom/puppetserver/conf.d/ca.conf').with_ensure('absent') } it { should contain_file(puppetserver_conf) .without_content(/^# Settings related to the puppet-admin HTTP API$/) .without_content(/^puppet-admin: \{$/) .without_content(/^\s+client-whitelist: \[$/) .without_content(/^\s+"localhost"\,$/) .without_content(/^\s+"puppetserver123.example.com"\,$/) } it { should contain_file('/etc/custom/puppetserver/conf.d/webserver.conf') .with_content(/ssl-host:\s0\.0\.0\.0/) .with_content(/ssl-port:\s8140/) .without_content(/ host:\s/) .without_content(/ port:\s8139/) .without_content(/selector-threads:/) .without_content(/acceptor-threads:/) .without_content(/ssl-selector-threads:/) .without_content(/ssl-acceptor-threads:/) .without_content(/max-threads:/) } it { should contain_file(auth_conf) .with_content(/allow-header-cert-info: false/) .with_content(%r{^\s+path: "/puppet-ca/v1/certificate_status"}) .with_content(/^\s+name: "puppetlabs cert status"/) .with_content(%r{^\s+path: "/puppet-ca/v1/certificate_statuses"}) .with_content(/^\s+name: "puppetlabs cert statuses"/) .with_content(%r{^\s+path: "/puppet-admin-api/v1/environment-cache"}) .with_content(/^\s+name: "environment-cache"/) .with_content(%r{^\s+path: "/puppet-admin-api/v1/jruby-pool"}) .with_content(/^\s+name: "jruby-pool"/) } end describe 'server_puppetserver_vardir' do context 'with default parameters' do - it { should contain_file(puppetserver_conf).with_content(%r{^ master-var-dir: /opt/puppetlabs/server/data/puppetserver$}) } + it { should contain_file(puppetserver_conf).with_content(%r{^ master-var-dir: #{server_vardir}$}) } end context 'with custom server_puppetserver_vardir' do let(:params) { super().merge(server_puppetserver_vardir: '/opt/custom/puppetserver') } it { should contain_file(puppetserver_conf).with_content(%r{^ master-var-dir: /opt/custom/puppetserver$}) } end end describe 'use-legacy-auth-conf' do context 'with default parameters' do it { should contain_file(puppetserver_conf).with_content(/^ use-legacy-auth-conf: false$/) } end context 'when use-legacy-auth-conf = true' do let(:params) { super().merge(server_use_legacy_auth_conf: true) } it { should contain_file(puppetserver_conf).with_content(/^ use-legacy-auth-conf: true$/) } end end describe 'environment-class-cache-enabled' do context 'with default parameters' do it { should contain_file(puppetserver_conf).with_content(/^ environment-class-cache-enabled: false$/) } end context 'when environment-class-cache-enabled = true' do let(:params) { super().merge(server_environment_class_cache_enabled: true) } it { should contain_file(puppetserver_conf).with_content(/^ environment-class-cache-enabled: true$/) } end end describe 'server_max_requests_per_instance' do context 'with default parameters' do it { should contain_file(puppetserver_conf).with_content(/^ max-requests-per-instance: 0$/) } end context 'custom server_max_requests_per_instance' do let(:params) { super().merge(server_max_requests_per_instance: 123_456) } it { should contain_file(puppetserver_conf).with_content(/^ max-requests-per-instance: 123456$/) } end end describe 'server_max_queued_requests' do context 'when server_puppetserver_version >= 5.0' do let(:params) { super().merge(server_puppetserver_version: '5.0.0') } context 'with default parameters' do it { should contain_file(puppetserver_conf).with_content(/^ max-queued-requests: 0\n/) } end context 'with custom server_max_queued_requests' do let(:params) { super().merge(server_max_queued_requests: 100) } it { should contain_file(puppetserver_conf).with_content(/^ max-queued-requests: 100\n/) } end end context 'when server_puppetserver_version < 5.0 with default parameters' do it { should contain_file(puppetserver_conf).without_content('max-queued-requests') } end end describe 'server_max_retry_delay' do context 'when server_puppetserver_version >= 5.0' do let(:params) { super().merge(server_puppetserver_version: '5.0.0') } context 'with default parameters' do it { should contain_file(puppetserver_conf).with_content(/^ max-retry-delay: 1800\n/) } end context 'with custom server_max_retry_delay' do let(:params) { super().merge(server_max_retry_delay: 100) } it { should contain_file(puppetserver_conf).with_content(/^ max-retry-delay: 100\n/) } end end context 'when server_puppetserver_version < 5.0 with default parameters' do it { should contain_file(puppetserver_conf).without_content('max-retry-delay') } end end describe 'ca.cfg' do it { should contain_file('/etc/custom/puppetserver/services.d').with_ensure('directory') } it { should contain_file('/etc/custom/puppetserver/services.d/ca.cfg') .with_content(%r{^puppetlabs.services.ca.certificate-authority-service/certificate-authority-service}) .with_content(%r{^#puppetlabs.services.ca.certificate-authority-disabled-service/certificate-authority-disabled-service}) } unless facts[:osfamily] == 'FreeBSD' it { should contain_file('/opt/puppetlabs/server/apps/puppetserver/config').with_ensure('directory') } it { should contain_file('/opt/puppetlabs/server/apps/puppetserver/config/services.d').with_ensure('directory') } it { should contain_augeas('puppet::server::puppetserver::bootstrap') .with_changes('set BOOTSTRAP_CONFIG \'"/etc/custom/puppetserver/services.d/,/opt/puppetlabs/server/apps/puppetserver/config/services.d/"\'') .with_context('/files/etc/default/puppetserver') .with_incl('/etc/default/puppetserver') .with_lens('Shellvars.lns') } end context 'when server_ca => false' do let(:params) { super().merge(server_ca: false) } it { should contain_file('/etc/custom/puppetserver/services.d/ca.cfg') .with_content(%r{^#puppetlabs.services.ca.certificate-authority-service/certificate-authority-service}) .with_content(%r{^puppetlabs.services.ca.certificate-authority-disabled-service/certificate-authority-disabled-service}) } end context 'when server_puppetserver_version >= 5.1' do let(:params) { super().merge(server_puppetserver_version: '5.1.0') } it { should contain_file('/etc/custom/puppetserver/services.d/ca.cfg') .with_content(%r{^puppetlabs.services.ca.certificate-authority-service/certificate-authority-service}) .with_content(%r{^#puppetlabs.services.ca.certificate-authority-disabled-service/certificate-authority-disabled-service}) .with_content(%r{^puppetlabs.trapperkeeper.services.watcher.filesystem-watch-service/filesystem-watch-service}) } end end describe 'product.conf' do context 'with default parameters' do it { should contain_file('/etc/custom/puppetserver/conf.d/product.conf') .with_content(/^\s+check-for-updates: true/) } end context 'with server_check_for_updates => false' do let(:params) { super().merge(server_check_for_updates: false) } it { should contain_file('/etc/custom/puppetserver/conf.d/product.conf') .with_content(/^\s+check-for-updates: false/) } end end describe 'server_metrics' do context 'when server_puppetserver_version < 5.0' do context 'when server_metrics => true' do let(:params) { super().merge(server_puppetserver_metrics: true) } it { should contain_file(puppetserver_conf) .without_content(/^ metrics-enabled: (.*)$/) .with_content(/^profiler: \{\n # enable or disable profiling for the Ruby code;\n enabled: true/) } it { should_not contain_file('/etc/custom/puppetserver/conf.d/metrics.conf') } end context 'when server_metrics => false' do let(:params) { super().merge(server_puppetserver_metrics: false) } it { should contain_file(puppetserver_conf) .without_content(/^ metrics-enabled: (.*)$/) .with_content(/^profiler: \{\n # enable or disable profiling for the Ruby code;\n enabled: false/) } it { should_not contain_file('/etc/custom/puppetserver/conf.d/metrics.conf') } end end context 'when server_puppetserver_version >= 5.0' do let(:params) { super().merge(server_puppetserver_version: '5.0.0') } context 'when server_metrics => true' do let(:params) do super().merge( server_puppetserver_metrics: true, server_metrics_graphite_enable: true, server_metrics_graphite_host: 'graphitehost.example.com', server_metrics_graphite_port: 2003, server_metrics_server_id: 'puppetserver.example.com', server_metrics_graphite_interval: 5, server_metrics_allowed: ['single.element.array'], ) end it { should contain_file(puppetserver_conf) .with_content(/^ # Whether to enable http-client metrics; defaults to 'true'.\n metrics-enabled: true$(.*)/) .with_content(/^profiler: \{\n # enable or disable profiling for the Ruby code;\n enabled: true/) } it { should contain_file('/etc/custom/puppetserver/conf.d/metrics.conf') .with_content(/^( *)metrics-allowed: \[\n( *)"single.element.array",\n( *)\]/) .with_content(/^( *)server-id: "puppetserver.example.com"/) .with_content(/^( *)jmx: \{\n( *)enabled: true/) .with_content(/^( *)graphite: \{\n( *)enabled: true/) .with_content(/^( *)host: "graphitehost.example.com"/) .with_content(/^( *)port: 2003/) .with_content(/^( *)update-interval-seconds: 5/) } end context 'when server_metrics => false' do let(:params) { super().merge(server_puppetserver_metrics: false) } it { should contain_file(puppetserver_conf) .with_content(/^ # Whether to enable http-client metrics; defaults to 'true'.\n metrics-enabled: false$/) .with_content(/^profiler: \{\n # enable or disable profiling for the Ruby code;\n enabled: false/) } it { should contain_file('/etc/custom/puppetserver/conf.d/metrics.conf').with_ensure('absent') } end end end describe 'server_experimental' do context 'when server_puppetserver_version < 5.0' do context 'when server_experimental => true' do let(:params) { super().merge(server_puppetserver_experimental: true) } it { should contain_file(auth_conf).without_content(%r{^(\ *)path: "/puppet/experimental"$}) } end context 'when server_experimental => false' do let(:params) { super().merge(server_puppetserver_experimental: false) } it { should contain_file(auth_conf).without_content(%r{^(\ *)path: "/puppet/experimental"$}) } end end context 'when server_puppetserver_version >= 5.0' do let(:params) { super().merge(server_puppetserver_version: '5.0.0') } context 'when server_experimental => true' do let(:params) { super().merge(server_puppetserver_experimental: true) } it { should contain_file(auth_conf).with_content(%r{^(\ *)path: "/puppet/experimental"$}) } end context 'when server_experimental => false' do let(:params) { super().merge(server_puppetserver_experimental: false) } it { should contain_file(auth_conf).without_content(%r{^(\ *)path: "/puppet/experimental"$}) } end end end describe 'puppet tasks information' do context 'when server_puppetserver_version < 5.1' do it { should contain_file(auth_conf).without_content(%r{^(\ *)path: "/puppet/v3/tasks"$}) } end context 'when server_puppetserver_version >= 5.1' do let(:params) { super().merge(server_puppetserver_version: '5.1.0') } it { should contain_file(auth_conf).with_content(%r{^(\ *)path: "/puppet/v3/tasks"$}) } end end describe 'puppet facts upload' do context 'when server_puppetserver_version >= 5.3' do let(:params) { super().merge(server_puppetserver_version: '5.3.0') } it { should contain_file(auth_conf).with_content(%r{^(\ *)path: "\^/puppet/v3/facts/(.*)$}) } end context 'when server_puppetserver_version < 5.3' do let(:params) { super().merge(server_puppetserver_version: '5.2.0') } it { should contain_file(auth_conf).without_content(%r{^(\ *)path: "\^/puppet/v3/facts/(.*)$}) } end end describe 'server_trusted_agents' do context 'when set' do let(:params) { super().merge(server_puppetserver_trusted_agents: ['jenkins', 'octocatalog-diff']) } it { should contain_file(auth_conf).with_content(/^ allow: \["jenkins", "octocatalog-diff", "\$1"\]$/) } end end describe 'server_jruby9k', unless: facts[:osfamily] == 'FreeBSD' do context 'when server_puppetserver_version < 5.0' do context 'when server_jruby9k => true' do let(:params) { super().merge(server_puppetserver_jruby9k: true) } it { should_not contain_augeas('puppet::server::puppetserver::jruby_jar') } end context 'when server_jruby9k => false' do let(:params) { super().merge(server_puppetserver_jruby9k: false) } it { should_not contain_augeas('puppet::server::puppetserver::jruby_jar') } end end context 'when server_puppetserver_version >= 5.0' do let(:params) { super().merge(server_puppetserver_version: '5.0.0') } context 'when server_jruby9k => true' do let(:params) { super().merge(server_puppetserver_jruby9k: true) } it do should contain_augeas('puppet::server::puppetserver::jruby_jar') .with_changes(['set JRUBY_JAR \'"/opt/puppetlabs/server/apps/puppetserver/jruby-9k.jar"\'']) .with_context('/files/etc/default/puppetserver') .with_incl('/etc/default/puppetserver') .with_lens('Shellvars.lns') end end context 'when server_jruby9k => false' do let(:params) { super().merge(server_puppetserver_jruby9k: false) } it do should contain_augeas('puppet::server::puppetserver::jruby_jar') .with_changes(['rm JRUBY_JAR']) .with_context('/files/etc/default/puppetserver') .with_incl('/etc/default/puppetserver') .with_lens('Shellvars.lns') end end end end describe 'with extra_args parameter' do let(:params) { super().merge(server_jvm_extra_args: ['-XX:foo=bar', '-XX:bar=foo']) } if facts[:osfamily] == 'FreeBSD' it { should contain_augeas('puppet::server::puppetserver::jvm') .with_changes(['set puppetserver_java_opts \'"-Xms2G -Xmx2G -XX:foo=bar -XX:bar=foo"\'']) .with_context('/files/etc/rc.conf') } else it { should contain_augeas('puppet::server::puppetserver::jvm') .with_changes([ 'set JAVA_ARGS \'"-Xms2G -Xmx2G -XX:foo=bar -XX:bar=foo"\'', 'set JAVA_BIN /usr/bin/java' ]) .with_context('/files/etc/default/puppetserver') .with_incl('/etc/default/puppetserver') .with_lens('Shellvars.lns') } end end describe 'with cli_args parameter', unless: facts[:osfamily] == 'FreeBSD' do let(:params) { super().merge(server_jvm_cli_args: '-Djava.io.tmpdir=/var/puppettmp') } it do should contain_augeas('puppet::server::puppetserver::jvm') .with_changes([ 'set JAVA_ARGS \'"-Xms2G -Xmx2G"\'', 'set JAVA_BIN /usr/bin/java', 'set JAVA_ARGS_CLI \'"-Djava.io.tmpdir=/var/puppettmp"\'' ]) .with_context('/files/etc/default/puppetserver') .with_incl('/etc/default/puppetserver') .with_lens('Shellvars.lns') end end describe 'with jvm_config file parameter' do let(:params) { super().merge(server_jvm_config: '/etc/custom/puppetserver') } if facts[:osfamily] == 'FreeBSD' it { should contain_augeas('puppet::server::puppetserver::jvm').with_context('/files/etc/rc.conf') } else it do should contain_augeas('puppet::server::puppetserver::jvm') .with_context('/files/etc/custom/puppetserver') .with_incl('/etc/custom/puppetserver') .with_lens('Shellvars.lns') end end end describe 'gem-path' do context 'when server_puppetserver_version < 5.3' do it do should contain_file(puppetserver_conf) - .with_content(%r{^ gem-path: \[\$\{jruby-puppet.gem-home\}, "/opt/puppetlabs/server/data/puppetserver/vendored-jruby-gems"\]$}) + .with_content(%r{^ gem-path: \[\$\{jruby-puppet.gem-home\}, "#{server_vardir}/vendored-jruby-gems"\]$}) end end context 'when server_puppetserver_version >= 5.3' do let(:params) { super().merge(server_puppetserver_version: '5.3.0') } - if facts[:osfamily] == 'FreeBSD' + if ['FreeBSD', 'DragonFly'].include?(facts[:osfamily]) it do should contain_file(puppetserver_conf) - .with_content(%r{^ gem-path: \[\$\{jruby-puppet.gem-home\}, "/var/puppet/server/data/puppetserver/vendored-jruby-gems"\]$}) + .with_content(%r{^ gem-path: \[\$\{jruby-puppet.gem-home\}, "#{server_vardir}/vendored-jruby-gems"\]$}) end else it do should contain_file(puppetserver_conf) - .with_content(%r{^ gem-path: \[\$\{jruby-puppet.gem-home\}, "/opt/puppetlabs/server/data/puppetserver/vendored-jruby-gems", "/opt/puppetlabs/puppet/lib/ruby/vendor_gems"\]$}) + .with_content(%r{^ gem-path: \[\$\{jruby-puppet.gem-home\}, "#{server_vardir}/vendored-jruby-gems", "/opt/puppetlabs/puppet/lib/ruby/vendor_gems"\]$}) end end end end describe 'Puppet Server CA related settings' do context 'when server_puppetserver_version < 5.3.6' do let(:params) { super().merge(server_puppetserver_version: '5.3.5') } context 'with default parameters' do it { should contain_file('/etc/custom/puppetserver/conf.d/ca.conf').with_ensure('absent') } it { should contain_file(auth_conf).without_content(/^( *)pp_cli_auth: "true"$/) } end end context 'when server_puppetserver_version >= 5.3.6' do let(:params) { super().merge(server_puppetserver_version: '5.3.6') } context 'with default parameters' do it { should contain_file('/etc/custom/puppetserver/conf.d/ca.conf') .with_ensure('present') .with_content(/^( *)allow-subject-alt-names: false$/) .with_content(/^( *)allow-authorization-extensions: false$/) } it { should contain_file(auth_conf).with_content(/^( *)pp_cli_auth: "true"$/) } end context 'with ca parameters set' do let(:params) { super().merge( server_ca_allow_sans: true, server_ca_allow_auth_extensions: true, ) } it { should contain_file('/etc/custom/puppetserver/conf.d/ca.conf') .with_ensure('present') .with_content(/^( *)allow-subject-alt-names: true$/) .with_content(/^( *)allow-authorization-extensions: true$/) } end end end describe 'when server_puppetserver_version < 2.7' do let(:params) { super().merge(server_puppetserver_version: '2.6.0') } it { should raise_error(Puppet::Error, /puppetserver <2.7 is not supported by this module version/) } end describe 'allow jetty specific server threads' do context 'with thread config' do let(:params) do super().merge( server_selector_threads: 1, server_acceptor_threads: 2, server_ssl_selector_threads: 3, server_ssl_acceptor_threads: 4, server_max_threads: 5 ) end it { is_expected.to compile.with_all_deps } it { is_expected.to contain_file('/etc/custom/puppetserver/conf.d/webserver.conf'). with_content(/selector-threads: 1/). with_content(/acceptor-threads: 2/). with_content(/ssl-selector-threads: 3/). with_content(/ssl-acceptor-threads: 4/). with_content(/max-threads: 5/) } end end end end end diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb index 7b41016..04c5436 100644 --- a/spec/spec_helper.rb +++ b/spec/spec_helper.rb @@ -1,74 +1,74 @@ # This file is managed centrally by modulesync # https://github.com/theforeman/foreman-installer-modulesync require 'puppetlabs_spec_helper/module_spec_helper' require 'rspec-puppet-facts' include RspecPuppetFacts # Original fact sources: add_custom_fact :puppet_environmentpath, '/etc/puppetlabs/code/environments' # puppetlabs-stdlib add_custom_fact :root_home, '/root' # puppetlabs-stdlib # Workaround for no method in rspec-puppet to pass undef through :params class Undef def inspect; 'undef'; end end # Running tests with the ONLY_OS environment variable set # limits the tested platforms to the specified values. # Example: ONLY_OS=centos-7-x86_64,ubuntu-14-x86_64 def only_test_os if ENV.key?('ONLY_OS') ENV['ONLY_OS'].split(',') end end # Running tests with the EXCLUDE_OS environment variable set # limits the tested platforms to all but the specified values. # Example: EXCLUDE_OS=centos-7-x86_64,ubuntu-14-x86_64 def exclude_test_os if ENV.key?('EXCLUDE_OS') ENV['EXCLUDE_OS'].split(',') end end # Use the above environment variables to limit the platforms under test def on_os_under_test on_supported_os(facterversion: '3.0.0').reject do |os, facts| (only_test_os() && !only_test_os.include?(os)) || (exclude_test_os() && exclude_test_os.include?(os)) end end def get_content(subject, title) is_expected.to contain_file(title) content = subject.resource('file', title).send(:parameters)[:content] content.split(/\n/).reject { |line| line =~ /(^#|^$|^\s+#)/ } end def verify_exact_contents(subject, title, expected_lines) expect(get_content(subject, title)).to match_array(expected_lines) end def verify_concat_fragment_contents(subject, title, expected_lines) is_expected.to contain_concat__fragment(title) content = subject.resource('concat::fragment', title).send(:parameters)[:content] expect(content.split("\n") & expected_lines).to match_array(expected_lines) end def verify_concat_fragment_exact_contents(subject, title, expected_lines) is_expected.to contain_concat__fragment(title) content = subject.resource('concat::fragment', title).send(:parameters)[:content] expect(content.split(/\n/).reject { |line| line =~ /(^#|^$|^\s+#)/ }).to match_array(expected_lines) end aio = on_os_under_test.reject do |os, facts| - ['FreeBSD', 'DragonFly', 'Windows'].include?(facts[:operatingsystem]) + ['Archlinux', 'FreeBSD', 'DragonFly', 'Windows'].include?(facts[:operatingsystem]) end.keys add_custom_fact :rubysitedir, '/opt/puppetlabs/puppet/lib/ruby/site_ruby/2.1.0', :confine => aio def unsupported_puppetmaster_osfamily(osfamily) ['Archlinux', 'windows', 'Suse'].include?(osfamily) end