diff --git a/README.md b/README.md index ff451f6..0cb378d 100644 --- a/README.md +++ b/README.md @@ -1,179 +1,174 @@ [![Puppet Forge](https://img.shields.io/puppetforge/v/theforeman/puppet.svg)](https://forge.puppetlabs.com/theforeman/puppet) [![Build Status](https://travis-ci.org/theforeman/puppet-puppet.svg?branch=master)](https://travis-ci.org/theforeman/puppet-puppet) # Puppet module for installing the Puppet agent and master Installs and configures the Puppet agent and optionally a Puppet master (when `server` is true). Part of the [Foreman installer](https://github.com/theforeman/foreman-installer) or to be used as a Puppet module. When using Puppet Server (version 5.3.6 is the lowest version, this module supports), the module supports and assumes you will be installing the latest version. If you know you'll be installing an earlier or specific version, you will need to override `server_puppetserver_version`. More information in the Puppet Server section below. Many puppet.conf options for agents, masters and other are parameterized, with class documentation provided at the top of the manifests. In addition, there are hash parameters for each configuration section that can be used to supply any options that are not explicitly supported. ## Environments support The module helps configure Puppet environments using directory environments. These are set up under /etc/puppetlabs/code/environments. ## Git repo support Environments can be backed by git by setting `server_git_repo` to true, which sets up `/var/lib/puppet/puppet.git` where each branch maps to one environment. Avoid using 'master' as this name isn't permitted. On each push to the repo, a hook updates `/etc/puppet/environments` with the contents of the branch. Requires [theforeman/git](https://forge.puppetlabs.com/theforeman/git). ## Foreman integration With the 3.0.0 release the Foreman integration became optional. It will still by default install the Foreman integration when `server` is true, so if you wish to run a Puppet master without Foreman, it can be disabled by setting `server_foreman` to false. Requires [theforeman/foreman](https://forge.puppetlabs.com/theforeman/foreman). ## PuppetDB integration The Puppet master can be configured to export catalogs and reports to a PuppetDB instance, using the puppetlabs/puppetdb module. Use its `puppetdb::server` class to install the PuppetDB server and this module to configure the Puppet master to connect to PuppetDB. Requires [puppetlabs/puppetdb](https://forge.puppetlabs.com/puppetlabs/puppetdb) Please see the notes about using puppetlabs/puppetdb 5.x with older versions of Puppet (< 4.x) and PuppetDB (< 3.x) with newer releases of the module and set the values via hiera or an extra include of `puppetdb::globals` with `puppetdb_version` defined. Please also make sure your puppetdb ciphers are compatible with your puppet server ciphers, ie that the two following parameters match: ``` puppet::server::cipher_suites puppetdb::server::cipher_suites ``` # Installation Available from GitHub (via cloning or tarball), [Puppet Forge](https://forge.puppetlabs.com/theforeman/puppet) or as part of the Foreman installer. # Usage As a parameterized class, all the configurable options can be overridden from your wrapper classes or even your ENC (if it supports param classes). For example: # Agent and cron (or daemon): class { '::puppet': runmode => 'cron' } # Agent and puppetmaster: class { '::puppet': server => true } # You want to use git? class { '::puppet': server => true server_git_repo => true } # Maybe you're using gitolite, new hooks, and a different port? class { '::puppet': server => true server_port => 8141, server_git_repo => true, server_git_repo_path => '/var/lib/gitolite/repositories/puppet.git', server_post_hook_name => 'post-receive.puppet', server_post_hook_content => 'puppetserver/post-hook.puppet', } # Configure master without Foreman integration class { '::puppet': server => true, server_foreman => false, server_reports => 'store', server_external_nodes => '', } # Want to integrate with an existing PuppetDB? class { '::puppet': server => true, server_puppetdb_host => 'mypuppetdb.example.com', server_reports => 'puppetdb,foreman', server_storeconfigs_backend => 'puppetdb', } Look in _init.pp_ for what can be configured this way, see Contributing if anything doesn't work. To use this in standalone mode, edit a file (e.g. install.pp), put in a class resource, as per the examples above, and the execute _puppet apply_ e.g: cat > install.pp < true } EOF puppet apply install.pp --modulepath /path_to/extracted_tarball # Advanced scenarios An HTTP (non-SSL) puppetmaster instance can be set up (standalone or in addition to the SSL instance) by setting the `server_http` parameter to `true`. This is useful for reverse proxy or load balancer scenarios where the proxy/load balancer takes care of SSL termination. The HTTP puppetmaster instance expects the `X-Client-Verify`, `X-SSL-Client-DN` and `X-SSL-Subject` HTTP headers to have been set on the front end server. The listening port can be configured by setting `server_http_port` (which defaults to 8139). For puppetserver, this HTTP instance accepts **ALL** connections and no further restrictions can be configured. **Note that running an HTTP puppetmaster is a huge security risk when improperly configured. Allowed hosts should be tightly controlled; anyone with access to an allowed host can access all client catalogues and client certificates.** # Configure an HTTP puppetmaster vhost in addition to the standard SSL vhost class { '::puppet': server => true, server_http => true, server_http_port => 8130, # default: 8139 } ## Puppet Server configuration Puppet Server requires slightly different configuration between different versions, which this module supports. It's recommended that you set the `server_puppetserver_version` parameter to the MAJOR.MINOR.PATCH version you have installed. By default the module will configure for the latest version available. -# Soft Dependencies - -If you use a OS which uses systemd you may consider to download `camptocamp/systemd` module for compatibility. -It is **only** needed if you use the **puppetserver** feature. - # Contributing * Fork the project * Commit and push until you are happy with your contribution # More info See https://theforeman.org or at #theforeman irc channel on freenode Copyright (c) 2010-2012 Ohad Levy This program and entire repository is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program. If not, see . diff --git a/manifests/agent/service/systemd.pp b/manifests/agent/service/systemd.pp index 8412bc5..9352102 100644 --- a/manifests/agent/service/systemd.pp +++ b/manifests/agent/service/systemd.pp @@ -1,74 +1,27 @@ # Set up running the agent via a systemd timer # @api private class puppet::agent::service::systemd ( Boolean $enabled = false, Optional[Integer[0,23]] $hour = undef, Optional[Integer[0,59]] $minute = undef, ) { - unless $::puppet::runmode == 'unmanaged' or 'systemd.timer' in $::puppet::unavailable_runmodes { - exec { 'systemctl-daemon-reload-puppet': - refreshonly => true, - path => $::path, - command => 'systemctl daemon-reload', - } - - if $enabled { - # Use the same times as for cron - $times = extlib::ip_to_cron($::puppet::runinterval) - - # But only if they are not explicitly specified - $_hour = pick($hour, $times[0]) - $_minute = pick($minute, $times[1]) - - $command = $::puppet::systemd_cmd ? { - undef => "${::puppet::puppet_cmd} agent --config ${::puppet::dir}/puppet.conf --onetime --no-daemonize --detailed-exitcode --no-usecacheonfailure", - default => $::puppet::systemd_cmd, - } - - $randomizeddelaysec = $::puppet::systemd_randomizeddelaysec - - file { "/etc/systemd/system/${::puppet::systemd_unit_name}.timer": - content => template('puppet/agent/systemd.puppet-run.timer.erb'), - notify => [ - Exec['systemctl-daemon-reload-puppet'], - Service['puppet-run.timer'], - ], - } - - file { "/etc/systemd/system/${::puppet::systemd_unit_name}.service": - content => template('puppet/agent/systemd.puppet-run.service.erb'), - notify => Exec['systemctl-daemon-reload-puppet'], - } - - service { 'puppet-run.timer': - ensure => running, - provider => 'systemd', - name => "${::puppet::systemd_unit_name}.timer", - enable => true, - require => Exec['systemctl-daemon-reload-puppet'], - } - } else { - # Reverse order - stop, delete files, exec - service { 'puppet-run.timer': - ensure => stopped, - provider => 'systemd', - name => "${::puppet::systemd_unit_name}.timer", - enable => false, - before => [ - File["/etc/systemd/system/${::puppet::systemd_unit_name}.timer"], - File["/etc/systemd/system/${::puppet::systemd_unit_name}.service"], - ], - } - - file { "/etc/systemd/system/${::puppet::systemd_unit_name}.timer": - ensure => absent, - notify => Exec['systemctl-daemon-reload-puppet'], - } - - file { "/etc/systemd/system/${::puppet::systemd_unit_name}.service": - ensure => absent, - notify => Exec['systemctl-daemon-reload-puppet'], - } + unless $puppet::runmode == 'unmanaged' or 'systemd.timer' in $puppet::unavailable_runmodes { + # Use the same times as for cron + $times = extlib::ip_to_cron($puppet::runinterval) + + # But only if they are not explicitly specified + $_hour = pick($hour, $times[0]) + $_minute = pick($minute, $times[1]) + + $command = pick($puppet::systemd_cmd, "${puppet::puppet_cmd} agent --config ${puppet::dir}/puppet.conf --onetime --no-daemonize --detailed-exitcode --no-usecacheonfailure") + $randomizeddelaysec = $puppet::systemd_randomizeddelaysec + + systemd::timer { "${puppet::systemd_unit_name}.timer": + ensure => bool2str($enabled, 'present', 'absent'), + active => $enabled, + enable => $enabled, + timer_content => template('puppet/agent/systemd.puppet-run.timer.erb'), + service_content => template('puppet/agent/systemd.puppet-run.service.erb'), } } } diff --git a/metadata.json b/metadata.json index b52a951..9d67e3e 100644 --- a/metadata.json +++ b/metadata.json @@ -1,113 +1,117 @@ { "name": "theforeman-puppet", "version": "13.0.0", "author": "theforeman", "summary": "Puppet agent and server configuration", "license": "GPL-3.0+", "source": "git://github.com/theforeman/puppet-puppet", "project_page": "https://github.com/theforeman/puppet-puppet", "issues_url": "https://github.com/theforeman/puppet-puppet/issues", "description": "Module for installing the Puppet agent and Puppet server", "tags": [ "foreman", "puppet", "puppetmaster", "puppet-server" ], "dependencies": [ { "name": "puppetlabs/concat", "version_requirement": ">= 4.1.0 < 7.0.0" }, { "name": "puppetlabs/stdlib", "version_requirement": ">= 4.18.0 < 7.0.0" }, { "name": "puppet/extlib", "version_requirement": ">= 3.0.0 < 6.0.0" + }, + { + "name": "camptocamp/systemd", + "version_requirement": ">= 2.9.0 < 3.0.0" } ], "requirements": [ { "name": "puppet", "version_requirement": ">= 5.5.8 < 7.0.0" } ], "operatingsystem_support": [ { "operatingsystem": "RedHat", "operatingsystemrelease": [ "6", "7" ] }, { "operatingsystem": "CentOS", "operatingsystemrelease": [ "6", "7" ] }, { "operatingsystem": "Scientific", "operatingsystemrelease": [ "6", "7" ] }, { "operatingsystem": "Fedora", "operatingsystemrelease": [ "26" ] }, { "operatingsystem": "Debian", "operatingsystemrelease": [ "9", "10" ] }, { "operatingsystem": "Ubuntu", "operatingsystemrelease": [ "16.04", "18.04" ] }, { "operatingsystem": "FreeBSD", "operatingsystemrelease": [ "11", "12" ] }, { "operatingsystem": "DragonFly", "operatingsystemrelease": [ "4" ] }, { "operatingsystem": "Archlinux" }, { "operatingsystem": "SLES", "operatingsystemrelease": [ "11", "12" ] }, { "operatingsystem": "windows", "operatingsystemrelease": [ "7", "8", "2008 R2", "2012", "2012 R2" ] } ] } diff --git a/spec/classes/puppet_agent_spec.rb b/spec/classes/puppet_agent_spec.rb index b3deae9..9ece2b9 100644 --- a/spec/classes/puppet_agent_spec.rb +++ b/spec/classes/puppet_agent_spec.rb @@ -1,455 +1,436 @@ require 'spec_helper' require 'deep_merge' describe 'puppet' do on_os_under_test.each do |os, facts| context "on #{os}" do case facts[:osfamily] when 'FreeBSD' puppet_major = facts[:puppetversion].to_i bindir = '/usr/local/bin' client_package = "puppet#{puppet_major}" confdir = '/usr/local/etc/puppet' package_provider = nil when 'windows' bindir = 'C:/ProgramData/PuppetLabs/puppet/bin' client_package = 'puppet-agent' confdir = 'C:/ProgramData/PuppetLabs/puppet/etc' package_provider = 'chocolatey' when 'Archlinux' bindir = '/usr/bin' client_package = 'puppet' confdir = '/etc/puppetlabs/puppet' package_provider = nil else bindir = '/opt/puppetlabs/bin' client_package = 'puppet-agent' confdir = '/etc/puppetlabs/puppet' package_provider = nil end let :facts do facts.deep_merge( # Cron/systemd timers are based on the IP - make it consistent networking: { ip: '192.0.2.100' } ) end let :params do { agent: true } end describe 'with no custom parameters' do # For windows we specify a package provider which doesn't compile if facts[:osfamily] != 'windows' it { is_expected.to compile.with_all_deps } end # install it do is_expected.to contain_class('puppet::agent::install') .with_manage_packages(true) .with_package_name([client_package]) .with_package_version('present') .with_package_provider(package_provider) .with_package_source(nil) .that_notifies(['Class[puppet::agent::config]', 'Class[puppet::agent::service]']) end it do is_expected.to contain_package(client_package) .with_ensure('present') .with_provider(package_provider) .with_source(nil) end # config it { is_expected.to contain_class('puppet::agent::config').that_notifies('Class[puppet::agent::service]') } it { is_expected.to contain_file(confdir).with_ensure('directory') } it { is_expected.to contain_concat("#{confdir}/puppet.conf") } it { is_expected.to contain_concat__fragment('puppet.conf_agent').with_content(/^\[agent\]/) } it { is_expected.to contain_puppet__config__agent('report').with_value('true') } it { is_expected.not_to contain_puppet__config__agent('prerun_command') } it { is_expected.not_to contain_puppet__config__agent('postrun_command') } if facts[:osfamily] == 'Debian' it do is_expected.to contain_augeas('puppet::set_start') .with_context('/files/etc/default/puppet') .with_changes('set START yes') .with_incl('/etc/default/puppet') .with_lens('Shellvars.lns') end it { is_expected.to contain_file('/var/lib/puppet/state/agent_disabled.lock').with_ensure(:absent) } end # service it { is_expected.to contain_class('puppet::agent::service') } it { is_expected.to contain_class('puppet::agent::service::daemon').with_enabled(true) } it do is_expected.to contain_service('puppet') .with_ensure('running') .with_name('puppet') .with_hasstatus('true') .with_enable('true') end it { is_expected.to contain_class('puppet::agent::service::cron').with_enabled(false) } if os =~ /\A(windows|archlinux)/ it { is_expected.not_to contain_cron('puppet') } else it { is_expected.to contain_cron('puppet').with_ensure('absent') } end it { is_expected.to contain_class('puppet::agent::service::systemd').with_enabled(false) } case os when /\Adebian-/, /\A(redhat|centos|scientific)-7/, /\Afedora-/, /\Aubuntu-(16|18)/, /\Aarchlinux-/ - it do - is_expected.to contain_exec('systemctl-daemon-reload-puppet') - .with_refreshonly(true) - .with_command('systemctl daemon-reload') - end - it do is_expected.to contain_service('puppet-run.timer') - .with_ensure(:stopped) + .with_ensure(false) .with_provider('systemd') .with_name('puppet-run.timer') .with_enable(false) end it { is_expected.to contain_file('/etc/systemd/system/puppet-run.timer').with_ensure(:absent) } it { is_expected.to contain_file('/etc/systemd/system/puppet-run.service').with_ensure(:absent) } else it { is_expected.not_to contain_service('puppet-run.timer') } it { is_expected.not_to contain_file('/etc/systemd/system/puppet-run.timer') } it { is_expected.not_to contain_file('/etc/systemd/system/puppet-run.service') } - it { is_expected.not_to contain_exec('systemctl-daemon-reload-puppet') } end end describe 'set prerun_command will be included in config' do let :params do super().merge(prerun_command: '/my/prerun') end it { is_expected.to contain_puppet__config__agent('prerun_command').with_value('/my/prerun') } end describe 'set postrun_command will be included in config' do let :params do super().merge(postrun_command: '/my/postrun') end it { is_expected.to contain_puppet__config__agent('postrun_command').with_value('/my/postrun') } end describe 'with additional settings' do let :params do super().merge(agent_additional_settings: { 'ignoreschedules' => true }) end it { is_expected.to contain_puppet__config__agent('ignoreschedules').with_value('true') } end context 'manage_packages' do describe 'when manage_packages => false' do let :params do super().merge(manage_packages: false) end it { is_expected.not_to contain_package(client_package) } end describe "when manage_packages => 'agent'" do let :params do super().merge(manage_packages: 'agent') end it { is_expected.to contain_package(client_package) } end describe "when manage_packages => 'server'" do let :params do super().merge(manage_packages: 'server') end it { is_expected.not_to contain_package(client_package) } end end context 'runmode' do describe 'when runmode => cron' do let :params do super().merge(runmode: 'cron') end case os when /\A(windows|archlinux)/ it { is_expected.to raise_error(Puppet::Error, /Runmode of cron not supported on #{facts[:kernel]} operating systems!/) } when /\Adebian-/, /\A(redhat|centos|scientific)-7/, /\Afedora-/, /\Aubuntu-(16|18)/ it { is_expected.to compile.with_all_deps } it { is_expected.to contain_concat__fragment('puppet.conf_agent') } if facts[:osfamily] == 'Debian' it do is_expected.to contain_augeas('puppet::set_start') .with_context('/files/etc/default/puppet') .with_changes('set START no') .with_incl('/etc/default/puppet') .with_lens('Shellvars.lns') end it { is_expected.to contain_file('/var/lib/puppet/state/agent_disabled.lock').with_ensure(:absent) } end it { is_expected.to contain_class('puppet::agent::service::cron').with_enabled(true) } it { is_expected.to contain_class('puppet::agent::service::daemon').with_enabled(false) } it do is_expected.to contain_service('puppet') .with_ensure('stopped') .with_name('puppet') .with_hasstatus('true') .with_enable('false') end it { is_expected.to contain_class('puppet::agent::service::systemd').with_enabled(false) } - it { is_expected.to contain_service('puppet-run.timer').with_ensure(:stopped) } + it { is_expected.to contain_service('puppet-run.timer').with_ensure(false) } it do is_expected.to contain_cron('puppet') .with_command("#{bindir}/puppet agent --config #{confdir}/puppet.conf --onetime --no-daemonize") .with_user('root') .with_minute(%w[10 40]) .with_hour('*') end else it { is_expected.to compile.with_all_deps } it { is_expected.to contain_class('puppet::agent::service::cron').with_enabled(true) } it { is_expected.to contain_class('puppet::agent::service::daemon').with_enabled(false) } it { is_expected.to contain_class('puppet::agent::service::systemd').with_enabled(false) } it { is_expected.not_to contain_service('puppet-run.timer') } it do is_expected.to contain_cron('puppet') .with_command("#{bindir}/puppet agent --config #{confdir}/puppet.conf --onetime --no-daemonize") .with_user('root') .with_minute(%w[10 40]) .with_hour('*') end end end describe 'when runmode => cron with specified time' do let :params do super().merge(runmode: 'cron', run_hour: 22, run_minute: 01 ) end case os when /\A(windows|archlinux)/ it { is_expected.to raise_error(Puppet::Error, /Runmode of cron not supported on #{facts[:kernel]} operating systems!/) } when /\Adebian-/, /\A(redhat|centos|scientific)-7/, /\Afedora-/, /\Aubuntu-(16|18)/ it { is_expected.to contain_class('puppet::agent::service::cron').with_enabled(true) } it { is_expected.to contain_class('puppet::agent::service::daemon').with_enabled(false) } it do is_expected.to contain_service('puppet') .with_ensure('stopped') .with_name('puppet') .with_hasstatus('true') .with_enable('false') end it { is_expected.to contain_class('puppet::agent::service::systemd').with_enabled(false) } - it { is_expected.to contain_service('puppet-run.timer').with_ensure(:stopped) } + it { is_expected.to contain_service('puppet-run.timer').with_ensure(false) } it do is_expected.to contain_cron('puppet') .with_command("#{bindir}/puppet agent --config #{confdir}/puppet.conf --onetime --no-daemonize") .with_user('root') .with_minute('1') .with_hour('22') end else it { is_expected.to compile.with_all_deps } it { is_expected.to contain_class('puppet::agent::service::cron').with_enabled(true) } it { is_expected.to contain_class('puppet::agent::service::daemon').with_enabled(false) } it { is_expected.to contain_class('puppet::agent::service::systemd').with_enabled(false) } it { is_expected.not_to contain_service('puppet-run.timer') } it do is_expected.to contain_cron('puppet') .with_command("#{bindir}/puppet agent --config #{confdir}/puppet.conf --onetime --no-daemonize") .with_user('root') .with_minute('1') .with_hour('22') end end end describe 'when runmode => systemd.timer' do let :params do super().merge(runmode: 'systemd.timer') end case os when /\Adebian-/, /\A(redhat|centos|scientific)-7/, /\Afedora-/, /\Aubuntu-(16|18)/, /\Aarchlinux-/ it { is_expected.to compile.with_all_deps } it { is_expected.to contain_class('puppet::agent::service::daemon').with_enabled(false) } it { is_expected.to contain_class('puppet::agent::service::cron').with_enabled(false) } it { is_expected.to contain_class('puppet::agent::service::systemd').with_enabled(true) } - it { is_expected.to contain_service('puppet-run.timer').with_ensure(:running) } + it { is_expected.to contain_service('puppet-run.timer').with_ensure(true) } it do is_expected.to contain_file('/etc/systemd/system/puppet-run.timer') .with_content(/.*OnCalendar\=\*-\*-\* \*\:10,40:00.*/) end it do is_expected.to contain_file('/etc/systemd/system/puppet-run.timer') .with_content(/^RandomizedDelaySec\=0$/) end it do is_expected.to contain_file('/etc/systemd/system/puppet-run.service') .with_content(%r{^ExecStart=#{bindir}/puppet agent --config #{confdir}/puppet.conf --onetime --no-daemonize --detailed-exitcode --no-usecacheonfailure$}) end - it do - is_expected.to contain_exec('systemctl-daemon-reload-puppet') - .with_refreshonly(true) - .with_command('systemctl daemon-reload') - end - it do is_expected.to contain_service('puppet-run.timer') .with_provider('systemd') - .with_ensure('running') + .with_ensure(true) .with_name('puppet-run.timer') - .with_enable('true') + .with_enable(true) end else it { is_expected.to raise_error(Puppet::Error, /Runmode of systemd.timer not supported on #{facts[:kernel]} operating systems!/) } end end describe 'when runmode => systemd.timer with configured time' do let :params do super().merge(runmode: 'systemd.timer', run_hour: 22, run_minute: 01 ) end case os when /\Adebian-/, /\A(redhat|centos|scientific)-7/, /\Afedora-/, /\Aubuntu-(16|18)/, /\Aarchlinux-/ it { is_expected.to compile.with_all_deps } it { is_expected.to contain_class('puppet::agent::service::daemon').with_enabled(false) } it { is_expected.to contain_class('puppet::agent::service::cron').with_enabled(false) } it { is_expected.to contain_class('puppet::agent::service::systemd').with_enabled(true) } - it { is_expected.to contain_service('puppet-run.timer').with_ensure(:running) } + it { is_expected.to contain_service('puppet-run.timer').with_ensure(true) } it do is_expected.to contain_file('/etc/systemd/system/puppet-run.timer') .with_content(/.*OnCalendar\=\*-\*-\* 22:1:00.*/) end it do is_expected.to contain_file('/etc/systemd/system/puppet-run.timer') .with_content(/^RandomizedDelaySec\=0$/) end it do is_expected.to contain_file('/etc/systemd/system/puppet-run.service') .with_content(%r{^ExecStart=#{bindir}/puppet agent --config #{confdir}/puppet.conf --onetime --no-daemonize --detailed-exitcode --no-usecacheonfailure$}) end - it do - is_expected.to contain_exec('systemctl-daemon-reload-puppet') - .with_refreshonly(true) - .with_command('systemctl daemon-reload') - end - it do is_expected.to contain_service('puppet-run.timer') .with_provider('systemd') - .with_ensure('running') + .with_ensure(true) .with_name('puppet-run.timer') - .with_enable('true') + .with_enable(true) end else it { is_expected.to raise_error(Puppet::Error, /Runmode of systemd.timer not supported on #{facts[:kernel]} operating systems!/) } end end describe 'when runmode => none' do let :params do super().merge(runmode: 'none') end # For windows we specify a package provider which doesn't compile if facts[:osfamily] != 'windows' it { is_expected.to compile.with_all_deps } end it { is_expected.to contain_class('puppet::agent::service::daemon').with_enabled(false) } it { is_expected.to contain_class('puppet::agent::service::cron').with_enabled(false) } it { is_expected.to contain_class('puppet::agent::service::systemd').with_enabled(false) } case os when /\Adebian-/, /\A(redhat|centos|scientific)-7/, /\Afedora-/, /\Aubuntu-(16|18)/, /\Aarchlinux-/ - it { is_expected.to contain_service('puppet-run.timer').with_ensure(:stopped) } + it { is_expected.to contain_service('puppet-run.timer').with_ensure(false) } else it { is_expected.not_to contain_service('puppet-run.timer') } end end describe 'when runmode => unmanaged' do let :params do super().merge(runmode: 'unmanaged') end # For windows we specify a package provider which doesn't compile if facts[:osfamily] != 'windows' it { is_expected.to compile.with_all_deps } end it { is_expected.to contain_class('puppet::agent::service::daemon').with_enabled(false) } it { is_expected.to contain_class('puppet::agent::service::cron').with_enabled(false) } it { is_expected.to contain_class('puppet::agent::service::systemd').with_enabled(false) } it { is_expected.not_to contain_cron('puppet') } it { is_expected.not_to contain_service('puppet') } it { is_expected.not_to contain_service('puppet-run.timer') } end end describe 'when unavailable_runmodes => ["cron"]' do let :params do super().merge(unavailable_runmodes: ['cron']) end it { is_expected.not_to contain_cron('puppet') } end describe 'with custom service_name' do let :params do super().merge(service_name: 'pe-puppet') end it { is_expected.to contain_service('puppet').with_name('pe-puppet') } end context 'with remove_lock => false' do let :params do super().merge(remove_lock: false) end it { should_not contain_file('/var/lib/puppet/state/agent_disabled.lock') } end context 'with report => false' do let :params do super().merge(report: false) end it { is_expected.to contain_puppet__config__agent('report').with_value('false') } end end end end diff --git a/spec/spec_helper_acceptance.rb b/spec/spec_helper_acceptance.rb index f46b526..5bbda1c 100644 --- a/spec/spec_helper_acceptance.rb +++ b/spec/spec_helper_acceptance.rb @@ -1,59 +1,58 @@ ENV['PUPPET_INSTALL_TYPE'] ||= 'agent' ENV['BEAKER_IS_PE'] ||= 'no' ENV['BEAKER_PUPPET_COLLECTION'] ||= 'puppet6' ENV['BEAKER_debug'] ||= 'true' ENV['BEAKER_setfile'] ||= 'centos7-64{hostname=centos7-64.example.com}' ENV['BEAKER_HYPERVISOR'] ||= 'docker' require 'beaker-puppet' require 'beaker-rspec' require 'beaker/puppet_install_helper' require 'beaker/module_install_helper' run_puppet_install_helper unless ENV['BEAKER_provision'] == 'no' install_module_on(hosts) install_module_dependencies_on(hosts) -install_module_from_forge('camptocamp-systemd', '>= 2.0.0 < 3.0.0') RSpec.configure do |c| # Readable test descriptions c.formatter = :documentation # Configure all nodes in nodeset c.before :suite do # Install module and dependencies hosts.each do |host| if fact_on(host, 'osfamily') == 'RedHat' # don't delete downloaded rpm for use with BEAKER_provision=no + # BEAKER_destroy=no on host, 'sed -i "s/keepcache=.*/keepcache=1/" /etc/yum.conf' # refresh check if cache needs refresh on next yum command on host, 'yum clean expire-cache' end if fact_on(host, 'operatingsystem') == 'Ubuntu' on host, 'apt-get -qq -y install cron' end end end end shared_examples 'a idempotent resource' do it 'applies with no errors' do apply_manifest(pp, catch_failures: true) end it 'applies a second time without changes' do apply_manifest(pp, catch_changes: true) end end shared_examples 'the example' do |name| let(:pp) do path = File.join(File.dirname(File.dirname(__FILE__)), 'examples', name) File.read(path) end include_examples 'a idempotent resource' end Dir["./spec/support/acceptance/**/*.rb"].sort.each { |f| require f }