From 10bb240fb4dda3044f6268f431b2046fcff10865 Mon Sep 17 00:00:00 2001 From: Lukas Bezdicka Date: Tue, 2 Dec 2014 18:12:46 +0100 Subject: [PATCH] Update nssdb to 2e163a21fb80d828afede2d4be6214f1171c4887 2e163a21fb80d828afede2d4be6214f1171c4887 Become 1.0.1 b9e3de3fef3eb359ebfba383cd3cf251e5913621 Use ensure_packages API to avoid dependency issues 398e63944c3723401a1a7701c8222c2b9ef7f10e Merge pull request #1 from rhaen/rspec_infrastructure 83d3fa63e093a01a3a3d5af435b3815bf2882624 Allow ruby 2.0.0 and puppet version 2.7 to fail 8989de17fad5d7bdeea96748346e3330168a7873 Added rspec test infrastructure, travis-ci, fixed typo --- Puppetfile | 2 +- nssdb/.fixtures.yml | 3 + nssdb/.travis.yml | 21 +++++++ nssdb/CHANGELOG | 3 + nssdb/Gemfile | 11 ++++ nssdb/Modulefile | 2 +- nssdb/Rakefile | 10 ++++ nssdb/manifests/add_cert_and_key.pp | 2 +- nssdb/manifests/create.pp | 6 +- .../defines/nssdb_add_cert_and_key_spec.rb | 29 +++++++++ nssdb/spec/defines/nssdb_create_spec.rb | 60 +++++++++++++++++++ nssdb/spec/spec_helper.rb | 2 + 12 files changed, 145 insertions(+), 6 deletions(-) create mode 100644 nssdb/.fixtures.yml create mode 100644 nssdb/.travis.yml create mode 100644 nssdb/Gemfile create mode 100644 nssdb/Rakefile create mode 100644 nssdb/spec/defines/nssdb_add_cert_and_key_spec.rb create mode 100644 nssdb/spec/defines/nssdb_create_spec.rb create mode 100644 nssdb/spec/spec_helper.rb diff --git a/Puppetfile b/Puppetfile index ff865b9c8..339126108 100644 --- a/Puppetfile +++ b/Puppetfile @@ -95,7 +95,7 @@ mod 'nova', :git => 'https://github.com/stackforge/puppet-nova.git' mod 'nssdb', - :commit => 'b3799a9a7c62c3b5b7968f9860220a885b45fb8a', + :commit => '2e163a21fb80d828afede2d4be6214f1171c4887', :git => 'https://github.com/rcritten/puppet-nssdb.git' mod 'ntp', diff --git a/nssdb/.fixtures.yml b/nssdb/.fixtures.yml new file mode 100644 index 000000000..0b550a104 --- /dev/null +++ b/nssdb/.fixtures.yml @@ -0,0 +1,3 @@ +fixtures: + symlinks: + nssdb: "#{source_dir}" \ No newline at end of file diff --git a/nssdb/.travis.yml b/nssdb/.travis.yml new file mode 100644 index 000000000..9205fea7e --- /dev/null +++ b/nssdb/.travis.yml @@ -0,0 +1,21 @@ +language: ruby +rvm: + - 1.8.7 + - 1.9.3 + - 2.0.0 + - ruby-head +script: "rake all" +branches: + only: + - rspec_infrastructure +env: + - PUPPET_GEM_VERSION="~> 2.7" + - PUPPET_GEM_VERSION="~> 3.3" +matrix: + allow_failures: + - rvm: ruby-head + - rvm: 2.0.0 + env: PUPPET_GEM_VERSION="~> 2.7" +notifications: + email: false + diff --git a/nssdb/CHANGELOG b/nssdb/CHANGELOG index 9baf73bad..2f5b97db2 100644 --- a/nssdb/CHANGELOG +++ b/nssdb/CHANGELOG @@ -1,2 +1,5 @@ +2014-10-22 1.0.1 +- Use ensure_packages API to avoid dependency issues + 2013-08-22 1.0.0 - Initial Release. Create the database, add certificates. diff --git a/nssdb/Gemfile b/nssdb/Gemfile new file mode 100644 index 000000000..28f9df707 --- /dev/null +++ b/nssdb/Gemfile @@ -0,0 +1,11 @@ +source :rubygems + +group :development, :test do + gem 'puppetlabs_spec_helper', :require => false +end + +if puppetversion = ENV['PUPPET_GEM_VERSION'] + gem 'puppet', puppetversion, :require => false +else + gem 'puppet', :require => false +end diff --git a/nssdb/Modulefile b/nssdb/Modulefile index b311e7967..34a4e9467 100644 --- a/nssdb/Modulefile +++ b/nssdb/Modulefile @@ -1,5 +1,5 @@ name 'rcritten/nssdb' -version '1.0.0' +version '1.0.1' source 'git://github.com/rcritten/puppet-nssdb.git' author 'Rob Crittenden ' license 'Apache' diff --git a/nssdb/Rakefile b/nssdb/Rakefile new file mode 100644 index 000000000..1ef528490 --- /dev/null +++ b/nssdb/Rakefile @@ -0,0 +1,10 @@ +require 'rubygems' +require 'puppetlabs_spec_helper/rake_tasks' +require 'rake/clean' + +CLEAN.include('spec/fixtures/', 'spec/reports') + +task :spec => [:spec_prep] + +desc "Run all tasks (spec)" +task :all => [ :spec ] diff --git a/nssdb/manifests/add_cert_and_key.pp b/nssdb/manifests/add_cert_and_key.pp index 9c83a0d15..d506d152f 100644 --- a/nssdb/manifests/add_cert_and_key.pp +++ b/nssdb/manifests/add_cert_and_key.pp @@ -31,7 +31,7 @@ $key, $basedir = '/etc/pki' ) { - package { 'openssl': ensure => present } + ensure_packages(['openssl']) exec {'generate_pkcs12': command => "/usr/bin/openssl pkcs12 -export -in $cert -inkey $key -password 'file:${basedir}/${dbname}/password.conf' -out '${basedir}/${dbname}/$dbname.p12' -name $nickname", diff --git a/nssdb/manifests/create.pp b/nssdb/manifests/create.pp index 05d3c1331..b804496e4 100644 --- a/nssdb/manifests/create.pp +++ b/nssdb/manifests/create.pp @@ -21,8 +21,8 @@ # $password must be set # # Sample Usage: -# -# secure::nssdb {'test': +# +# nssdb::create {'test': # owner_id => 'qpidd', # group_id => 'qpidd', # password => 'test'} @@ -39,7 +39,7 @@ $canickname = 'CA', $catrust = 'CT,CT,' ) { - package { 'nss-tools': ensure => present } + ensure_packages(['nss-tools']) file {"${basedir}/${dbname}": ensure => directory, diff --git a/nssdb/spec/defines/nssdb_add_cert_and_key_spec.rb b/nssdb/spec/defines/nssdb_add_cert_and_key_spec.rb new file mode 100644 index 000000000..e4b3e9bda --- /dev/null +++ b/nssdb/spec/defines/nssdb_add_cert_and_key_spec.rb @@ -0,0 +1,29 @@ +require 'spec_helper' + +describe 'nssdb::add_cert_and_key', :type => :define do + let(:title) { 'qpidd' } + let(:params) do { + :nickname => 'Server-Cert', + :cert => '/tmp/server.cert', + :key => '/tmp/server.key', + :basedir => '/obsolete' + } + end + + context 'generate_pkcs12' do + it{ should contain_exec('generate_pkcs12').with( + :command => %r{-in /tmp/server.cert -inkey /tmp/server.key.*file:/obsolete/qpidd.*out \'/obsolete/qpidd/qpidd.p12\' -name Server-Cert}, + :require => [ 'File[/obsolete/qpidd/password.conf]', + 'File[/obsolete/qpidd/cert8.db]', + 'Package[openssl]' ], + :subscribe => 'File[/obsolete/qpidd/password.conf]' + )} + end + + context 'load_pkcs12' do + it{ should contain_exec('load_pkcs12').with( + :command => %r{-i \'/obsolete/qpidd/qpidd.p12\' -d \'/obsolete/qpidd\' -w \'/obsolete/qpidd.*-k \'/obsolete/qpidd} + )} + end + +end diff --git a/nssdb/spec/defines/nssdb_create_spec.rb b/nssdb/spec/defines/nssdb_create_spec.rb new file mode 100644 index 000000000..bf95fa964 --- /dev/null +++ b/nssdb/spec/defines/nssdb_create_spec.rb @@ -0,0 +1,60 @@ +require 'spec_helper' + +describe 'nssdb::create', :type => :define do + let(:title) { 'test' } + let(:params) do { + :owner_id => 'nobody', + :group_id => 'nobody', + :password => 'secret', + :basedir => '/obsolete', + :cacert => '/ca.crt', + :canickname => 'ca', + :catrust => 'CTu' + } + end + + context 'nssdb directory' do + it{ should contain_file('/obsolete/test').with( + :owner => 'nobody', + :group => 'nobody' + )} + end + + context 'password file' do + it{ should contain_file('/obsolete/test/password.conf').with( + :owner => 'nobody', + :group => 'nobody', + :content => 'secret', + :require => 'File[/obsolete/test]' + )} + end + + context 'database files' do + databases = ['cert8.db', 'key3.db', 'secmod.db'] + databases.each do |db| + it{ should contain_file('/obsolete/test/' + db).with( + :owner => 'nobody', + :group => 'nobody', + :require => [ 'File[/obsolete/test/password.conf]', 'Exec[create_nss_db]'] + )} + end + end + + context 'create nss db' do + it{ should contain_exec('create_nss_db').with( + :command => %r{-d /obsolete/test -f /obsolete/test}, + :creates => [ '/obsolete/test/cert8.db', '/obsolete/test/key3.db', '/obsolete/test/secmod.db'], + :require => [ 'File[/obsolete/test]', + 'File[/obsolete/test/password.conf]', + 'Package[nss-tools]' ] + )} + end + + context 'add ca cert' do + it{ should contain_exec('add_ca_cert').with( + :command => %r{-n ca -d /obsolete/test -t CTu.*-i /ca.crt}, + :onlyif => %r{-e /ca.crt} + )} + end + +end diff --git a/nssdb/spec/spec_helper.rb b/nssdb/spec/spec_helper.rb new file mode 100644 index 000000000..dc7e9f4a0 --- /dev/null +++ b/nssdb/spec/spec_helper.rb @@ -0,0 +1,2 @@ +require 'rubygems' +require 'puppetlabs_spec_helper/module_spec_helper'