From e27b5b68c26606c2d66324a94b604b8a924d94e7 Mon Sep 17 00:00:00 2001 From: Garrett Honeycutt Date: Wed, 29 Jan 2014 18:58:36 -0500 Subject: [PATCH 1/6] Manage firewall entries --- manifests/init.pp | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/manifests/init.pp b/manifests/init.pp index c4b6a863e..4a35d2f20 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -24,6 +24,18 @@ } } + firewall { "100_tcp_${tcp_port}_for_memcached": + port => "$tcp_port", + proto => 'tcp', + action => 'accept', + } + + firewall { "100_udp_${udp_port}_for_memcached": + port => "$udp_port", + proto => 'udp', + action => 'accept', + } + file { $memcached::params::config_file: owner => 'root', group => 'root', From e3bef50d7502de43d3fcfdbf5cc14d9e74b02c1b Mon Sep 17 00:00:00 2001 From: Garrett Honeycutt Date: Sat, 1 Feb 2014 12:51:36 -0500 Subject: [PATCH 2/6] Add ability to manage firewall Original idea and entries of firewall resources by Adam Boeglin. --- .fixtures.yml | 9 ++++++- LICENSE | 1 + Modulefile | 3 +++ README.md | 1 + manifests/init.pp | 29 +++++++++++++------- spec/classes/memcached_spec.rb | 48 ++++++++++++++++++++++++++++++++++ 6 files changed, 81 insertions(+), 10 deletions(-) diff --git a/.fixtures.yml b/.fixtures.yml index ff6d34112..21aa9ebf9 100644 --- a/.fixtures.yml +++ b/.fixtures.yml @@ -1,3 +1,10 @@ fixtures: + repositories: + 'firewall': + repo: 'git://github.com/puppetlabs/puppetlabs-firewall.git' + ref: '0.1.0' + 'stdlib': + repo: 'git://github.com/puppetlabs/puppetlabs-stdlib.git' + ref: '3.2.0' symlinks: - "memcached": "#{source_dir}" + memcached: "#{source_dir}" diff --git a/LICENSE b/LICENSE index c46e2ee1d..7c6618932 100644 --- a/LICENSE +++ b/LICENSE @@ -1,4 +1,5 @@ Copyright 2011 Steffen Zieger + Copyright 2014 Garrett Honeycutt Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/Modulefile b/Modulefile index 8100b59ad..cbc63c96c 100644 --- a/Modulefile +++ b/Modulefile @@ -6,3 +6,6 @@ license 'Apache License, Version 2.0' summary 'UNKNOWN' description 'Manage memcached via Puppet' project_page 'https://github.com/saz/puppet-memcached' + +dependency 'puppetlabs/stdlib', '>= 3.2.0' +dependency 'puppetlabs/firewall', '>= 0.1.0' diff --git a/README.md b/README.md index 37bb6894e..8c212ef4d 100644 --- a/README.md +++ b/README.md @@ -34,6 +34,7 @@ Manage memcached via Puppet * $listen_ip = '0.0.0.0' * $tcp_port = 11211 * $udp_port = 11211 +* $manage_firewall = false * $user = '' (OS specific setting, see params.pp) * $max_connections = 8192 * $lock_memory = false (WARNING: good if used intelligently, google for -k key) diff --git a/manifests/init.pp b/manifests/init.pp index 4a35d2f20..495f3a5cd 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -1,6 +1,7 @@ class memcached( $package_ensure = 'present', $logfile = '/var/log/memcached.log', + $manage_firewall = false, $max_memory = false, $lock_memory = false, $listen_ip = '0.0.0.0', @@ -13,6 +14,14 @@ $install_dev = false ) inherits memcached::params { + # validate type and convert string to boolean if necessary + if type($manage_firewall) == 'String' { + $manage_firewall_bool = str2bool($manage_firewall) + } else { + $manage_firewall_bool = $manage_firewall + } + validate_bool($manage_firewall_bool) + package { $memcached::params::package_name: ensure => $package_ensure, } @@ -24,16 +33,18 @@ } } - firewall { "100_tcp_${tcp_port}_for_memcached": - port => "$tcp_port", - proto => 'tcp', - action => 'accept', - } + if $manage_firewall_bool == true { + firewall { "100_tcp_${tcp_port}_for_memcached": + port => $tcp_port, + proto => 'tcp', + action => 'accept', + } - firewall { "100_udp_${udp_port}_for_memcached": - port => "$udp_port", - proto => 'udp', - action => 'accept', + firewall { "100_udp_${udp_port}_for_memcached": + port => $udp_port, + proto => 'udp', + action => 'accept', + } } file { $memcached::params::config_file: diff --git a/spec/classes/memcached_spec.rb b/spec/classes/memcached_spec.rb index d39701d16..6bd2a7643 100644 --- a/spec/classes/memcached_spec.rb +++ b/spec/classes/memcached_spec.rb @@ -1,6 +1,51 @@ require 'spec_helper' describe 'memcached' do + describe 'with manage_firewall parameter' do + ['Debian','RedHat'].each do |osfam| + context "on osfamily #{osfam}" do + let(:facts) do + { :osfamily => osfam, + :memorysize => '1000 MB', + :processorcount => '1', + } + end + + ['true',true].each do |value| + context "set to #{value}" do + let(:params) { { :manage_firewall => value } } + + it { should contain_class('memcached') } + + it { should contain_firewall('100_tcp_11211_for_memcached') } + it { should contain_firewall('100_udp_11211_for_memcached') } + end + end + + ['false',false].each do |value| + context "set to #{value}" do + let(:params) { { :manage_firewall => value } } + + it { should contain_class('memcached') } + + it { should_not contain_firewall('100_tcp_11211_for_memcached') } + it { should_not contain_firewall('100_udp_11211_for_memcached') } + end + end + + context 'set to an invalid type (array)' do + let(:params) { { :manage_firewall => ['invalid','type'] } } + + it do + expect { + should contain_class('memcached') + }.to raise_error(Puppet::Error) + end + end + end + end + end + let :default_params do { :package_ensure => 'present', @@ -67,6 +112,9 @@ it { should contain_package('memcached').with_ensure(param_hash[:package_ensure]) } + it { should_not contain_firewall('100_tcp_11211_for_memcached') } + it { should_not contain_firewall('100_udp_11211_for_memcached') } + it { should contain_file('/etc/memcached.conf').with( 'owner' => 'root', 'group' => 'root' From 9f959da13037dd3417e024d451f23687fea725a3 Mon Sep 17 00:00:00 2001 From: Garrett Honeycutt Date: Sat, 1 Feb 2014 12:52:56 -0500 Subject: [PATCH 3/6] Add rake tasks for validation and linting --- .travis.yml | 2 +- .gemfile => Gemfile | 6 ++++-- Rakefile | 17 +++++++++++++++++ spec/spec_helper.rb | 1 + 4 files changed, 23 insertions(+), 3 deletions(-) rename .gemfile => Gemfile (52%) diff --git a/.travis.yml b/.travis.yml index 37e322a76..51b5138f7 100644 --- a/.travis.yml +++ b/.travis.yml @@ -14,4 +14,4 @@ env: - PUPPET_VERSION=3.0.0 notifications: email: false -gemfile: .gemfile +gemfile: Gemfile diff --git a/.gemfile b/Gemfile similarity index 52% rename from .gemfile rename to Gemfile index 9aad840c0..0a648da6d 100644 --- a/.gemfile +++ b/Gemfile @@ -1,5 +1,7 @@ -source :rubygems +source "https://rubygems.org" -puppetversion = ENV.key?('PUPPET_VERSION') ? "= #{ENV['PUPPET_VERSION']}" : ['>= 2.7'] +puppetversion = ENV.key?('PUPPET_VERSION') ? "= #{ENV['PUPPET_VERSION']}" : ['>= 3.3'] gem 'puppet', puppetversion gem 'puppetlabs_spec_helper', '>= 0.1.0' +gem 'puppet-lint', '>= 0.3.2' +gem 'facter', '>= 1.7.0', "< 1.8.0" diff --git a/Rakefile b/Rakefile index cd3d37995..0a28d845e 100644 --- a/Rakefile +++ b/Rakefile @@ -1 +1,18 @@ +require 'rubygems' require 'puppetlabs_spec_helper/rake_tasks' +require 'puppet-lint/tasks/puppet-lint' +PuppetLint.configuration.send('disable_80chars') +PuppetLint.configuration.ignore_paths = ["spec/**/*.pp", "pkg/**/*.pp"] + +desc "Run puppet in noop mode and check for syntax errors." +task :validate do + Dir['manifests/**/*.pp'].each do |manifest| + sh "puppet parser validate --noop #{manifest}" + end + Dir['spec/**/*.rb','lib/**/*.rb'].each do |ruby_file| + sh "ruby -c #{ruby_file}" unless ruby_file =~ /spec\/fixtures/ + end + Dir['templates/**/*.erb'].each do |template| + sh "erb -P -x -T '-' #{template} | ruby -c" + end +end diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb index 2c6f56649..dc7e9f4a0 100644 --- a/spec/spec_helper.rb +++ b/spec/spec_helper.rb @@ -1 +1,2 @@ +require 'rubygems' require 'puppetlabs_spec_helper/module_spec_helper' From 35f17c2458478c2586f144573c69d8df494e70c1 Mon Sep 17 00:00:00 2001 From: Garrett Honeycutt Date: Sat, 1 Feb 2014 12:57:24 -0500 Subject: [PATCH 4/6] Add support for Puppet v3.4 --- .travis.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.travis.yml b/.travis.yml index 51b5138f7..b318a859d 100644 --- a/.travis.yml +++ b/.travis.yml @@ -12,6 +12,7 @@ env: - PUPPET_VERSION=2.7.6 - PUPPET_VERSION=2.6.9 - PUPPET_VERSION=3.0.0 + - PUPPET_VERSION=3.4.2 notifications: email: false gemfile: Gemfile From bb9b7524cf6e2016818a35be9b0877b951e7b7a1 Mon Sep 17 00:00:00 2001 From: Garrett Honeycutt Date: Sat, 1 Feb 2014 13:04:40 -0500 Subject: [PATCH 5/6] Addressing simple style fixes --- manifests/init.pp | 6 +++++- manifests/params.pp | 2 ++ 2 files changed, 7 insertions(+), 1 deletion(-) diff --git a/manifests/init.pp b/manifests/init.pp index ad2f1a3c6..63c19e000 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -1,4 +1,8 @@ -class memcached( +# == Class: memcached +# +# Manage memcached +# +class memcached ( $package_ensure = 'present', $logfile = '/var/log/memcached.log', $manage_firewall = false, diff --git a/manifests/params.pp b/manifests/params.pp index ee77e1e1e..c1f4b8cb6 100644 --- a/manifests/params.pp +++ b/manifests/params.pp @@ -1,3 +1,5 @@ +# == Class: memcached::params +# class memcached::params { case $::osfamily { 'Debian': { From 9dc9231d92ad65e1717347ae1b44ec7b0cb1948b Mon Sep 17 00:00:00 2001 From: Garrett Honeycutt Date: Sat, 1 Feb 2014 13:07:58 -0500 Subject: [PATCH 6/6] Travis will check for syntax validation and style before specs --- .travis.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.travis.yml b/.travis.yml index df12da98a..8e14c541f 100644 --- a/.travis.yml +++ b/.travis.yml @@ -4,7 +4,7 @@ branches: - master language: ruby bundler_args: --without development -script: bundle exec rake spec SPEC_OPTS='--format documentation' +script: 'bundle exec rake validate && bundle exec rake lint && SPEC_OPTS="--format documentation" bundle exec rake spec' after_success: - git clone -q git://github.com/puppetlabs/ghpublisher.git .forge-releng - .forge-releng/publish