From 41eeefbcf2e4f3f1a9eb5bfe52eeeb31a21d317a Mon Sep 17 00:00:00 2001 From: Lukas Bezdicka Date: Fri, 29 May 2015 13:19:15 +0200 Subject: [PATCH] Sync opm puppet modules to latest upstream masters Update apache to bf061e66d10ff595799e13945832948e0a538cea bf061e66d10ff595799e13945832948e0a538cea Merge pull request #1124 from genebean/IndexStyleSheet_Support 223b18bad82464d3923e15fa5b2bbc34439184d6 Add ability to unittest puppet 4 749b223c7c3390678c6ce728702d9882eea23616 Merge pull request #1118 from sathieu/authn_core 6f3668603b830193e5fa3f5d9d4482dc90a0d023 Move authn_core module to a class 53a0d7379d093ae48e328598511701eef18792c1 Added the ability to define the IndexStyleSheet setting for a directory 421adf52e4210c043902718760dc1113c9fd8d04 Merge pull request #1096 from igalic/log_reject 1962d7309a040878ccc73ccadc47a28c6caaceaa Merge pull request #1121 from carroarmato0/master d7426c05a8c88bf3416f012f8bb2177d0e74cee4 Merge pull request #1129 from ckaenzig/fix-readme-def-val e98359bd240ac546a5c866f484de04587c4d7fa1 Add basic initial support for SLES 11 91d23fd13317765734a03641f4dee42b2813c744 Do not offload overriding LogFormats to httpd 740429e1f03430fb440c4d70c125101fa82f03c9 Fix in README.md for default values of php_flags Change-Id: Iff480eedec813f2d11682c3577e7aeefcad1766e Update ceilometer to 264ea1b19155bb2f34a95858b18442c14504ddf2 264ea1b19155bb2f34a95858b18442c14504ddf2 Fix dependency on nova-common package Change-Id: I479209fbec04fde43ad3f2514a9d2cb25f4716be Update cinder to 4785c1c739f19c4874d0ba24f14e34b6f0d06375 4785c1c739f19c4874d0ba24f14e34b6f0d06375 Merge "Bring Redhat support to acceptance tests" a13f03363e6f930e882dd0ba90868df18c3e9f26 Merge "Beaker: install APT repo with openstack_extras" 4b95903f0962a560325958ca3dd7a6297bbbc063 Bring Redhat support to acceptance tests 0dd2d78bd3b0e664a38c6984bca69eaf2635535f Beaker: install APT repo with openstack_extras Change-Id: I1486da641dd15c903155faae3f30dbbfc5006611 Update firewall to cbfca920444c5da5bddd3990f89ca61e5bcc0006 cbfca920444c5da5bddd3990f89ca61e5bcc0006 Add ability to unittest puppet 4 35d2e407bf5cfbcedabd55d2cc754be86e8f8a68 Merge pull request #534 from puppetlabs/1.6.x 2fd4e702706b820b1d7208e2f88ba8a8a0321701 Merge pull request #533 from jbondpdx/1.6.x 5338ff9e543ce6021b12fa791c2c8116ef214cb0 DOCS: edits to firewall readme 4986cefa72ceccef4f4f9e83b53130a128ec86ac 1.6.0 Release Prep dbcfba063d4b5ba4073794880d29d1dd17392c58 Merge pull request #532 from jonnytpuppet/jbb_issue_1766 3b4c2cc17e8ebc5e3d13523ed37bb5875f6feb43 Updated readme for clamp_mss_to_pmtu f5954dd3e4bd2ac32d157b808d3ae98acfbaf09d Merge pull request #531 from jonnytpuppet/jbb_issue_1766 2add7c56dce908644e936a76c48f34eeab20adcc Add support for clamp-mss-to-pmtu Change-Id: I2db9a9d7dcd925f01d233ea80b00d9b5cb9b8513 Update galera to 26016bc260b6d1101201dd1ca791deb1a5fcf2cf 26016bc260b6d1101201dd1ca791deb1a5fcf2cf Deprecate mysql::server resource creation Change-Id: If1ed916cf061598222e9fc70fdc82ad200418bfe Update glance to c76d39605ff311eaba6ca226ac7dac19f86279ed c76d39605ff311eaba6ca226ac7dac19f86279ed Decouple sync_db from manage_service and enabled Change-Id: I8a7f3e0ea6d116c5882a7adf0683b2368aa3547c Update haproxy to 3007560fc47da48d576890b1823e0ccfac3d9207 3007560fc47da48d576890b1823e0ccfac3d9207 Add ability to unittest puppet 4 e6bd52b6effdc436e8f065964478c58ca3f43a0a Merge pull request #183 from tphoney/ignore_log 3988b38bae9427a7a0e78b2cc0b31028d842e2c2 ignore the log directory cc701aeff2bd963239567a3dd69ca93dfdaad2a5 Merge pull request #180 from voroniys/master 6da0a5badc7120108e70d898895136c44994ce53 Merge pull request #182 from psoloway/readme 4c79f0120587f2894d2ffaf41453194aa83c0727 Apply changes from @hunner 0874c8242c5093f7cdac46c4401fc887560dba08 Rewrite README per DOC-1499 ee82979d53dc7139815547ffd2c00ca6d4023907 Update params.pp Change-Id: Iccf3e320fc7dd8e3e6365f6639f34554c190a398 Update heat to 01004884a1a4d3e2e5fac779975ddc18fec034cd 01004884a1a4d3e2e5fac779975ddc18fec034cd Bring Redhat support to acceptance tests 1750f36a066031ec1910cf0665c53173d51ba8de Beaker: install APT repo with openstack_extras Change-Id: Ic918405dbd525c232576558b3d0fddb40459d027 Update horizon to b975b22d97f5b794160bfdd5c4190990e8496331 b975b22d97f5b794160bfdd5c4190990e8496331 Bring Redhat support to acceptance tests c566f7a75c1590b7684ba03a39321043dba11c12 Beaker: install APT repo with openstack_extras Change-Id: I61df22be921d962b20b61af8e3ec6554ca594f4a Update inifile to c72bfbb9b1df49ec66a4899e84ea869a1c18426c c72bfbb9b1df49ec66a4899e84ea869a1c18426c Merge pull request #129 from duritong/create_ini_settings 4da2f6e23fdd6ea54fbfc107e574ad65f6438e87 Add ability to unittest puppet 4 9f03e8a3d1ad2584cb5698365c306aea594ea3e7 remove dead code 6eb8f9ca98d4806fbf6b9a11aee13cc95bc5f3dc introduce create_ini_settings Change-Id: I7eb29a96d9246c5c21ad601b6ca6890b112b15fd Update ironic to 78e0dc117ee77275f40dcda8dd060f1d6ca06499 78e0dc117ee77275f40dcda8dd060f1d6ca06499 Bring Redhat support to acceptance tests fc6b14d838b135924e010b7aa35a7a7de889c690 Beaker: install APT repo with openstack_extras Change-Id: Iacf9e2a7729be5f0a9dc917e0370a9d45198122e Update keystone to eb240c5aa120d428567fb7c239167def96b6b75f eb240c5aa120d428567fb7c239167def96b6b75f Merge "Decouple sync_db from enabled" 3c08645ba8b894d3adce3d65464dd43a0a33ce55 Decouple sync_db from enabled e8a09f76075b8d780e2f6b1b2d8fb3a19f6f94ee Bring Redhat support to acceptance tests a20b6098ace51832b1682cba295d2e8755231d54 Beaker: install APT repo with openstack_extras Change-Id: I7f9a76d5bc1cf78809ef6599023b04f7d59214a1 Update manila to ce1fa24cfdbb1073a1fedbb373b690b92b35c43f ce1fa24cfdbb1073a1fedbb373b690b92b35c43f Bring Redhat support to acceptance tests 64240b02ddf888a5def1c599effe739f0472eb18 Beaker: install APT repo with openstack_extras Change-Id: Id0fc5f4ccdaedd83a4f5b9990f75b3ee5a42617e Update memcached to f6dd071b94a934fcb66d06228ca234502f4ebb8f f6dd071b94a934fcb66d06228ca234502f4ebb8f new release v2.8.0 50242e242c488c0e28c90d3cf063605cfba4f88c fix memcached_sysconfig template 9d6b9f65ea3933ad17026c6caed994537d65b17c remove useless quotes 43485a8cacfc48f9e72bfbb2b53f8c286a1f253e Merge branch 'master' of git://github.com/mmarseglia/puppet-memcached into mmarseglia-master 5f3efdce7bbd914b9c79ee0fa4d02055d692d17e Merge branch 'vshn-feature-no-listen' 6e774c8fb742f12c0c0ff4e41c3aa840f9bfb611 Merge branch 'feature-no-listen' of https://github.com/vshn/puppet-memcached into vshn-feature-no-listen 2fb653a97cab6229e659f91a5c776715424edfbe Merge branch 'enovance-service_manage' e6718d648cf13932ba1529d17692daee80543192 Merge branch 'service_manage' of git://github.com/enovance/puppet-memcached into enovance-service_manage b0b6669be8fea3da6b112037aa9281288f9fbb13 Revert "Merge pull request #55 from mattkenn4545/master" fbe8ebdf2fa0db4d6f52e79efdcae773db248d1b Merge pull request #55 from mattkenn4545/master 11ef5efea79fa5cd2c70637138b736fe8e9edc00 Revert "Merge pull request #54 from covermymeds/multi_memcached" cca1bb8dd6c29d2a9bb03b5edb0c5ac7df27f759 Revert "cleanup some multi instance things" 0e45c9a8d6198066031a08da530593a492155659 cleanup some multi instance things b8375f9e1dbbf8c94e51e70fa1a4a17872cd05dd Merge pull request #54 from covermymeds/multi_memcached f4b539d5b6b609dbf45f144fe3321d797a05139c feature: Add possibilty to configure no listen_ip. bf3b9c64cb1be998c10315a5120b625271a19dc9 Rebase from saz/master 573f8eca470d3e9a5a947a3fdcb3f1dc6b5b573d Add a $service_manage boolean e7979de252c28124b25df4a7451fb7be580a2a5b Updates to run multiple instances of memcached. af4672c9681860415f5bad212fdbdd90217d5844 Convert logfile to bool in if statement 2475a3707737c94bc0f072ffc2aca63afe7f6e8c add support for logging to syslog. Added boolean parameter syslog. If syslog is true and logfile is empty then configure sysconfig options to pipe output to /bin/logger. b447489ab8f9b9080ca78d5bbbc7a9d04449a605 Add ability to specify max object size. (-I) Change-Id: I30bb8e06067e64a949bc7564e7a8d57e0b997c85 Update module-collectd to 27c81f69d00722ce7a6ac1e9c13b8e76fc7a5204 27c81f69d00722ce7a6ac1e9c13b8e76fc7a5204 Merge pull request #267 from arioch/master 11f42ad491b7c16f7118a0ce6c2b017d989cd3b6 Fix python plugin template indentation Change-Id: I443d0af54fa08a69a0c288341a5670fee3111933 Update mongodb to 14117ae3391862021555df8139c66fd04c13c0c3 14117ae3391862021555df8139c66fd04c13c0c3 Add ability to unittest puppet 4 Change-Id: Icbb98782c4c59b3b034a9e750ce8e821b9d9a460 Update mysql to 5f76233b7f44bb5d11521d78e60f0545da19e60e 5f76233b7f44bb5d11521d78e60f0545da19e60e Merge pull request #719 from enovance/package_dependency 9215c5d06d6c274bdbf409cbad4f05e3f5fc2f02 Add ability to unittest puppet 4 29788fb4c492865b5246daef6cbefe99c4aa067d (MODULES-2077) Fixes wrong dependency variable 31f0c4f1b1961c4841a0ba81ab3743c45e8e437f Merge pull request #718 from igalic/slalomzacharyd-fixed-for-mariadb 4bab65edcb98f82f87a4414840fe90ab81b6cea3 Fixed server package name so it isn't hardcoded to mysql 18e45a0d8f75d187cd64829e38429fac4fffd404 Merge pull request #717 from puppetlabs/3.4.x 3ec3d790734307f921b11b52397d8303e975b9f4 Merge pull request #715 from jbondpdx/3.4.x 4cd07c0cd421ddc0d72030107ba607acd7bdf1f2 DOCS: minor edits to mysql readme 609a8d0ec2b78ee61a32487059ecfeb68d3915a7 3.4.0 Release Prep 6572601d63e543ab5c51903fb81333c03bd58a6c Merge pull request #712 from jewjitsu/freebsddefaults dc9dcee4fee6680bd12227b771d4e2a4083259eb update to proper defaults for freebsd 6639efcea23c623d3a84ea12789a4f35c567db2e Merge pull request #711 from cyberious/master d3901f205a0c5ed2d8381106bf1d5653ccd15d36 (fix) - Change default for mysql::server::backup to ignore_triggers => false - Update spec acceptance test to check for which version is currently installed prior to testing 61c53727c2cc645cc59f2f9cf10980dd86e2b9b5 Merge pull request #709 from cyberious/master 9dad94a8c643d555433ae47e0699e9f89230b934 (fix) - Fix issue where fact is unknown at start - Resolve issue where if known and failed versioncmp would result in idempotency issue on second run Change-Id: I900c8cafe905fbdbf34ce2102ef88c4cc4887de2 Update neutron to dea7f4719fea5529d916ef4cae56020e8ee4efea dea7f4719fea5529d916ef4cae56020e8ee4efea Merge "Fixed deprecation warning message" 50a3a29b8e0dd72a69d0a30c01b79805ff5e6f2b Merge "Beaker: install APT repo with openstack_extras" 25b9825c7c756afe88bb3cf714801ec91f15b23d Fixed deprecation warning message 340186e2edabab44d3d9cf7ceeebe80bb8c30780 Fix avalaible/available typo 3f2ec9002a0d66859794d50d5af7a5c49ae33581 Beaker: install APT repo with openstack_extras Change-Id: Ic2eefd5b67bef9603d8637328778d7ee02f78c80 Update nova to f4330488dd503562ba936c2f14d23e6af3ee9fca f4330488dd503562ba936c2f14d23e6af3ee9fca Merge "Fix variable access in RBD secret template" ad71c7c590ea8e8d09ea5cb23ea9f18eed9504e7 Fix variable access in RBD secret template 7d1171986eb7a6115c35ebb3d8bba155ca8ecd04 Ensure /etc/nova exists before creating secret.xml d427bd2929adb8e5f7bfdd96ff54be38e6dbbbbb Merge "Add vagrant nodeset and make it the default" 1506d64c599167b68dee10dc94d2180806c92c63 Bring Redhat support to acceptance tests e8aeca9273309394cb1e82d5bcd6ea9284c96473 Beaker: install APT repo with openstack_extras dc2eb5518e382d04a960cbe254181ed8dc39c9af Use correct name on el7+ ece6fd253814646fcd1bb81939d1d591303d2e0c Merge "Fix RSpec3.x keywords" cfc6ec77473273b166c1e02c54bc39f57ad83362 Add vagrant nodeset and make it the default 34ec23cff5a2a378206a32474fce36ecf8f6f12c Fix RSpec3.x keywords Change-Id: Id334491ec164b3866349ecc326dffeb2570c39af Update ntp to c0613256dfcec3fb0ec20ef42c9d9e47f0412648 c0613256dfcec3fb0ec20ef42c9d9e47f0412648 Add ability to unittest puppet 4 55fb2cfa4fe0c312a7706aa61d6ef34242185b9f Merge pull request #266 from puppetlabs/4.0.x 5b03aecb421172e9c611586c31c42101df5d3199 Release Prep 4.0.0 Change-Id: I7ad18ca8b49b8596c6aea2e64fc03c874d3f2091 Update openstacklib to d0de990f92a9a9cb7f705ecd39dd8aa02d02bf48 d0de990f92a9a9cb7f705ecd39dd8aa02d02bf48 Bring Redhat support to acceptance tests Change-Id: I549c4ede5837ccfaf4afb927325a29c22fe68a4b Update rabbitmq to d3c6971a3e97b7079a6076a43a8891000757797b d3c6971a3e97b7079a6076a43a8891000757797b Add ability to unittest puppet 4 76261d32b0d1714f3a03d30ddf72e16618c24115 Merge pull request #357 from puppetlabs/5.2.1 725cd025da884cbed9d6a2dd5618445bc14f0b2f Release Prep 5.2.1 a161e2679e4642cdeebd2a2e79a0d7cdcca18288 Merge pull request #344 from nnathan/update_policy_doc 7b9c243c9709d0b2f0296fdb048ada5a8f231455 Merge pull request #351 from enovance/fix-idempotency 0227f762070ffbbea3c28d6a60174de98fa4cc1c Ensure idempotency between Puppet runs 2d22427ee7c38fd9e1c62d1a7b1094c88e498e5f Pins apt version for ci ce8c9a5fe83fcb0a8e93e9e3fc7557af6b61113d update doc: s/myhost/myvhost/ -- myvhost is easier to understand because it is self-describing Change-Id: I06135f3fa7205ce7f2f4881f690ad9c050fec7bb Update redis to aa13ac935693204972b7255233f13402634f256e aa13ac935693204972b7255233f13402634f256e Enable to not manage the Redis service Change-Id: I422bb9e7715cfb2e42531b3809457b6a6ab543af Update sahara to 326860e6244927474f458e5df220abcb59049576 326860e6244927474f458e5df220abcb59049576 Fixed /etc/sahara handling 126a34d4402337019d6172adf6ea2349345c2efd Bring Redhat support to acceptance tests 4c5fc5e3bb6185fd7e04beb17202f2deb342d5f4 Beaker: install APT repo with openstack_extras 9de78136d18d9ea9b821f2da0a6c24428611c64b Idempotency fix Change-Id: Ifdc1d756cd6d32847159d30dff95e3b45bb72476 Update stdlib to 4a8c0a57f2c4df4e2e3fa37466f02a7f6fccd517 4a8c0a57f2c4df4e2e3fa37466f02a7f6fccd517 Merge pull request #463 from CENGN/fix/master/file_line_multiple_after 72089f3d134a00e64f0b3d81237a266131d40412 (MODULES-2071) Refactor file_line provider to contain logic to handle parameter multiple in function handle_create_with_after c9b810cf365cbc4f87dfcee8b4eedf0b055e3569 Merge pull request #461 from DavidS/validate-hashes cf9f7a6b7e4ede7edd612fde33f7149f9c7f3385 validate_integer, validate_numeric: explicitely reject hashes in arrays b4090184c76666e58694aa4f09a39be009a42f5f Add ability to unittest puppet 4 3fafad88b3ccec89a8e988b84b55611e9f03fc09 Merge pull request #460 from DavidS/fix-fqdn_rotate-seed 0dc0e0dbcf9574ed1515cf6cfe2800f06d8c1d0e fqdn_rotate: reset srand seed correctly on old ruby versions 6cf64f1028cbb290a6254b5e753072f65c9336fa Merge pull request #454 from elyscape/document_facts.d_cache 06ebdf3ef70cf281e825fe824e166299b207e70f Merge pull request #455 from hunner/change_type_of_test 1401e267b3c82c507c4220b54ca4beb69e29ecd5 Merge pull request #458 from ghoneycutt/patch-1 48e516be6b83ca2b451af0afcc7fe12429f86f5b Update CHANGELOG.md 97ee232ed02f0a05b58b0f207602f5fbe692708a Merge pull request #456 from jtappa/readme-edits 593f74ced794dd461f4483fc32eecba8ac2e1f5a DOC-1504: README edits 732f7e8b3509197eb77586a01cf4e3a2e7cac9d2 Remove all the pops stuff 3b8ded184d6b6b5c2823018a231deee9dcd7df83 (FM-2130) Document new location of facts.d cache Change-Id: I3e77b6190aadb0ad0ae4a930124a590346b1d71c Update swift to ef9f9a4194237b3cd00446f42d1b407d203cbfd5 ef9f9a4194237b3cd00446f42d1b407d203cbfd5 Handle both string and array for memcache param. 3ceea9fa89cfe9c26c79146479a97c2519c332f7 Fix concat file mode d05d97d39ecca61dcd7a1b1fd110758ad56d0de4 Bring Redhat support to acceptance tests 7483eaf336d1fb08e349ffd942c86d6a9078b9ad Beaker: install APT repo with openstack_extras 49fd248002605b80a51a35d254fdfca0736502e5 mount.pp: fix lint issue Change-Id: Ia23318812b23b91ce390ecd8b88409e3e853f1b2 Update tempest to d46a0c403ee9adcdc2a694c609d9bb6fe3b5a05f d46a0c403ee9adcdc2a694c609d9bb6fe3b5a05f Bring Redhat support to acceptance tests Change-Id: I02dad49d8c61534a34177897b84791146f91afb4 Update trove to 16e82e68ea62efec3ec7e11d7b9887e16b773372 16e82e68ea62efec3ec7e11d7b9887e16b773372 CentOS 7 compatibility bd16e3dbe597dcea9506c611f4a98926578176db Bring Redhat support to acceptance tests 29be41ed02a4adda3d4012dcf0c0c9677dd7cb8d Beaker: install APT repo with openstack_extras c9ff84d3e4aed8f9d91ea12d704cec633e5bf2a0 Document requirement to use separate RabbitMQ Change-Id: Ia54717d9bdb6bf75cb494a9eb4438c1bf9316868 Update vcsrepo to 18b91b2f51a1cd8cd6911bd981e4629dd0d407e8 18b91b2f51a1cd8cd6911bd981e4629dd0d407e8 Merge pull request #232 from netors/master 8f47c4e744992a70028a4a744ae654d6fd6d7233 Add ability to unittest puppet 4 118eb7bcbdc85e9b6d3778e4536b6940a3d23087 Merge pull request #251 from mhaskel/merge_1.3.x_to_master e94d67588b368ae51671d777e0f0e53d24e28dea Merge branch 'psoloway-readme' into 1.3.x f900efd909155c7a9c1d6d74f63d9e919436ccec Last-minute README corrections 3d3220033fd8be6d7314f995a087d72654d4b8cd Merge pull request #249 from hunner/release_1.3.0 f555eaf0e34650b72550055c9fa9d60292e9f276 Release 1.3.0 aff1a289608cbba1249c17f7662f3e3f0fe646ab Merge pull request #246 from psoloway/readme aaa5d87d966df4c4f7d54ca4fd878ac794a8dc8f Merge pull request #248 from hunner/fix_tmp 7f97a76f4682a7c1d5bfbbc3cd5a6dd9523b1d96 (MODULES-821) Don't use /tmp 5998ab9ad89ca7c2926cef4b09f46e954f734aea Merge upstream changes into readme branch b1e0a48fa095aac7d2aea01f616a164890a10c2d Update README per DOC-1501 56852e9cbf93c3f6f5db7dcdd40b3d364b548182 Bugfix: removed duplicated condition cf5c8e6e9fb46115d59ec4e3b5d433e29168fe00 Added submodules true condition before update_submodules on revision method Change-Id: I19956d6327fbe188c49df6d8252dd2c9fc835e17 Update vswitch to 8bdf36261b7f25ac0f0af84804d102db0ba51007 8bdf36261b7f25ac0f0af84804d102db0ba51007 make dkms on Debian/Ubuntu optional, add tests Change-Id: Ifed08109d5780bfd83b1ebaac947afd7bb7961e8 Update xinetd to 1420bf2bf2462a95185e9d2fffdf0a93edd8c7dc 1420bf2bf2462a95185e9d2fffdf0a93edd8c7dc Merge pull request #51 from ghoneycutt/style 6a91977fe4d82518c5d608a5255267ed6b618fcd Style change to appease puppet-lint Change-Id: I35cf2048bcb9ae21c00c2f93fd11b43f4e5adb6b --- Puppetfile | 62 +- apache/.travis.yml | 5 + apache/README.md | 42 +- apache/manifests/default_mods.pp | 15 +- apache/manifests/init.pp | 6 + apache/manifests/mod.pp | 35 + apache/manifests/mod/alias.pp | 1 + apache/manifests/mod/authn_core.pp | 7 + apache/manifests/mod/prefork.pp | 2 +- apache/manifests/mod/worker.pp | 2 +- apache/manifests/mpm.pp | 32 + apache/manifests/params.pp | 60 + apache/manifests/version.pp | 3 + apache/spec/classes/apache_spec.rb | 18 + apache/spec/defines/vhost_spec.rb | 14 + apache/templates/httpd.conf.erb | 8 + apache/templates/vhost/_directories.erb | 3 + ceilometer/manifests/agent/compute.pp | 2 +- ceilometer/manifests/agent/polling.pp | 2 +- cinder/Gemfile | 1 + cinder/spec/acceptance/basic_cinder_spec.rb | 42 +- .../acceptance/nodesets/nodepool-centos7.yml | 9 + .../{nodepool.yml => nodepool-trusty.yml} | 0 cinder/spec/spec_helper_acceptance.rb | 7 +- firewall/.travis.yml | 5 + firewall/CHANGELOG.md | 19 + firewall/README.markdown | 112 +- .../lib/puppet/provider/firewall/ip6tables.rb | 4 +- .../lib/puppet/provider/firewall/iptables.rb | 4 +- firewall/lib/puppet/type/firewall.rb | 12 +- firewall/metadata.json | 4 +- firewall/spec/acceptance/firewall_mss_spec.rb | 53 +- .../spec/fixtures/iptables/conversion_hash.rb | 23 + galera/README.md | 9 +- galera/manifests/monitor.pp | 2 +- galera/manifests/server.pp | 77 +- glance/manifests/registry.pp | 26 +- glance/spec/classes/glance_registry_spec.rb | 6 +- haproxy/.travis.yml | 5 + haproxy/README.md | 543 ++++---- haproxy/manifests/params.pp | 2 +- heat/Gemfile | 1 + heat/spec/acceptance/basic_heat_spec.rb | 44 +- .../acceptance/nodesets/nodepool-centos7.yml | 9 + .../{nodepool.yml => nodepool-trusty.yml} | 0 heat/spec/spec_helper_acceptance.rb | 7 +- horizon/Gemfile | 1 + .../acceptance/horizon_with_apache_spec.rb | 49 +- horizon/spec/acceptance/nodesets/default.yml | 10 +- .../acceptance/nodesets/nodepool-centos7.yml | 9 + .../acceptance/nodesets/nodepool-trusty.yml | 0 horizon/spec/spec_helper_acceptance.rb | 1 + inifile/.travis.yml | 5 + .../parser/functions/create_ini_settings.rb | 86 ++ .../classes/create_ini_settings_test_spec.rb | 25 + .../manifests/init.pp | 17 + .../functions/create_ini_settings_spec.rb | 23 + ironic/Gemfile | 1 + ironic/spec/acceptance/basic_ironic_spec.rb | 91 +- .../acceptance/nodesets/nodepool-centos7.yml | 9 + .../acceptance/nodesets/nodepool-trusty.yml | 0 ironic/spec/spec_helper_acceptance.rb | 7 +- keystone/Gemfile | 1 + keystone/manifests/init.pp | 4 +- .../spec/acceptance/basic_keystone_spec.rb | 39 +- .../acceptance/nodesets/nodepool-centos7.yml | 9 + .../acceptance/nodesets/nodepool-trusty.yml | 0 keystone/spec/classes/keystone_spec.rb | 5 +- keystone/spec/spec_helper_acceptance.rb | 2 +- manila/Gemfile | 1 + manila/spec/acceptance/basic_manila_spec.rb | 42 +- .../acceptance/nodesets/nodepool-centos7.yml | 9 + .../acceptance/nodesets/nodepool-trusty.yml | 0 manila/spec/spec_helper_acceptance.rb | 8 +- memcached/manifests/init.pp | 32 +- memcached/metadata.json | 2 +- memcached/spec/classes/memcached_spec.rb | 14 +- memcached/templates/memcached.conf.erb | 3 + memcached/templates/memcached_sysconfig.erb | 7 +- .../templates/plugin/python/module.conf.erb | 6 +- mongodb/.travis.yml | 5 + mysql/.travis.yml | 5 + mysql/CHANGELOG.md | 31 + mysql/README.md | 12 +- mysql/manifests/backup/mysqldump.pp | 4 +- mysql/manifests/params.pp | 14 +- mysql/manifests/server/backup.pp | 2 +- mysql/manifests/server/installdb.pp | 5 +- mysql/manifests/server/service.pp | 2 +- mysql/metadata.json | 2 +- mysql/spec/acceptance/mysql_backup_spec.rb | 15 +- .../spec/classes/mysql_server_backup_spec.rb | 34 +- neutron/lib/puppet/provider/neutron.rb | 4 +- neutron/manifests/agents/l3.pp | 2 +- neutron/spec/acceptance/basic_neutron_spec.rb | 13 +- neutron/spec/spec_helper_acceptance.rb | 1 + neutron/spec/unit/provider/neutron_spec.rb | 2 +- nova/Gemfile | 1 + nova/README.md | 8 +- nova/manifests/compute/libvirt.pp | 2 +- nova/manifests/compute/rbd.pp | 3 +- nova/manifests/params.pp | 2 + nova/spec/acceptance/basic_nova_spec.rb | 43 +- nova/spec/acceptance/nodesets/default.yml | 10 +- .../acceptance/nodesets/nodepool-centos7.yml | 9 + .../acceptance/nodesets/nodepool-trusty.yml | 0 .../nodesets/ubuntu-server-1404-x64.yml | 11 + .../spec/classes/nova_compute_libvirt_spec.rb | 12 +- nova/spec/spec_helper_acceptance.rb | 7 +- nova/templates/secret.xml-compute.erb | 2 +- ntp/.travis.yml | 5 + ntp/CHANGELOG.md | 26 +- ntp/metadata.json | 2 +- openstacklib/Gemfile | 1 + openstacklib/spec/acceptance/mysql_spec.rb | 2 +- .../acceptance/nodesets/nodepool-centos7.yml | 9 + .../acceptance/nodesets/nodepool-trusty.yml | 0 openstacklib/spec/acceptance/rabbitmq_spec.rb | 20 + openstacklib/spec/spec_helper_acceptance.rb | 1 + rabbitmq/.travis.yml | 5 + rabbitmq/CHANGELOG.md | 11 + rabbitmq/README.md | 12 +- rabbitmq/manifests/config.pp | 9 +- rabbitmq/metadata.json | 2 +- rabbitmq/spec/classes/rabbitmq_spec.rb | 9 +- redis/manifests/init.pp | 6 + redis/manifests/params.pp | 4 + redis/manifests/service.pp | 12 +- redis/spec/classes/redis_spec.rb | 6 + sahara/Gemfile | 1 + sahara/manifests/init.pp | 49 +- sahara/spec/acceptance/basic_sahara_spec.rb | 43 +- .../acceptance/nodesets/nodepool-centos7.yml | 9 + .../acceptance/nodesets/nodepool-trusty.yml | 0 sahara/spec/spec_helper_acceptance.rb | 8 +- stdlib/.travis.yml | 5 + stdlib/CHANGELOG.md | 2 +- stdlib/README.markdown | 654 +++++---- stdlib/lib/facter/facter_dot_d.rb | 2 +- .../puppet/parser/functions/fqdn_rotate.rb | 4 +- .../parser/functions/validate_integer.rb | 1 + .../parser/functions/validate_numeric.rb | 1 + stdlib/lib/puppet/provider/file_line/ruby.rb | 24 +- stdlib/spec/functions/type_of_spec.rb | 32 +- .../spec/functions/validate_integer_spec.rb | 5 + .../spec/functions/validate_numeric_spec.rb | 5 + .../puppet/provider/file_line/ruby_spec.rb | 18 +- swift/Gemfile | 1 + swift/manifests/proxy/cache.pp | 2 +- swift/manifests/storage/mount.pp | 4 +- swift/manifests/storage/server.pp | 2 +- swift/spec/acceptance/basic_swift_spec.rb | 40 +- .../acceptance/nodesets/nodepool-centos7.yml | 9 + .../acceptance/nodesets/nodepool-trusty.yml | 0 swift/spec/spec_helper_acceptance.rb | 4 + tempest/Gemfile | 1 + .../acceptance/nodesets/nodepool-centos7.yml | 9 + .../acceptance/nodesets/nodepool-trusty.yml | 0 trove/Gemfile | 1 + trove/README.md | 7 + trove/manifests/init.pp | 32 +- trove/manifests/params.pp | 4 +- trove/manifests/taskmanager.pp | 7 + trove/spec/acceptance/basic_trove_spec.rb | 43 +- .../acceptance/nodesets/nodepool-centos7.yml | 9 + .../acceptance/nodesets/nodepool-trusty.yml | 2 +- trove/spec/classes/trove_init_spec.rb | 22 +- trove/spec/spec_helper_acceptance.rb | 8 +- vcsrepo/.travis.yml | 5 + vcsrepo/CHANGELOG.md | 71 +- vcsrepo/README.markdown | 1235 +++++++++-------- vcsrepo/lib/puppet/provider/vcsrepo/git.rb | 4 +- vcsrepo/metadata.json | 2 +- vswitch/manifests/ovs.pp | 49 +- vswitch/manifests/params.pp | 14 +- vswitch/spec/classes/vswitch_ovs_spec.rb | 172 ++- vswitch/spec/spec_helper.rb | 4 + xinetd/manifests/params.pp | 2 + 178 files changed, 3165 insertions(+), 1731 deletions(-) create mode 100644 apache/manifests/mod/authn_core.pp create mode 100644 cinder/spec/acceptance/nodesets/nodepool-centos7.yml rename cinder/spec/acceptance/nodesets/{nodepool.yml => nodepool-trusty.yml} (100%) create mode 100644 heat/spec/acceptance/nodesets/nodepool-centos7.yml rename heat/spec/acceptance/nodesets/{nodepool.yml => nodepool-trusty.yml} (100%) create mode 100644 horizon/spec/acceptance/nodesets/nodepool-centos7.yml rename ironic/spec/acceptance/nodesets/nodepool.yml => horizon/spec/acceptance/nodesets/nodepool-trusty.yml (100%) create mode 100644 inifile/lib/puppet/parser/functions/create_ini_settings.rb create mode 100644 inifile/spec/classes/create_ini_settings_test_spec.rb create mode 100644 inifile/spec/fixtures/modules/create_ini_settings_test/manifests/init.pp create mode 100644 inifile/spec/functions/create_ini_settings_spec.rb create mode 100644 ironic/spec/acceptance/nodesets/nodepool-centos7.yml rename keystone/spec/acceptance/nodesets/nodepool.yml => ironic/spec/acceptance/nodesets/nodepool-trusty.yml (100%) create mode 100644 keystone/spec/acceptance/nodesets/nodepool-centos7.yml rename manila/spec/acceptance/nodesets/nodepool.yml => keystone/spec/acceptance/nodesets/nodepool-trusty.yml (100%) create mode 100644 manila/spec/acceptance/nodesets/nodepool-centos7.yml rename nova/spec/acceptance/nodesets/nodepool.yml => manila/spec/acceptance/nodesets/nodepool-trusty.yml (100%) create mode 100644 nova/spec/acceptance/nodesets/nodepool-centos7.yml rename openstacklib/spec/acceptance/nodesets/nodepool.yml => nova/spec/acceptance/nodesets/nodepool-trusty.yml (100%) create mode 100644 nova/spec/acceptance/nodesets/ubuntu-server-1404-x64.yml create mode 100644 openstacklib/spec/acceptance/nodesets/nodepool-centos7.yml rename sahara/spec/acceptance/nodesets/nodepool.yml => openstacklib/spec/acceptance/nodesets/nodepool-trusty.yml (100%) create mode 100644 sahara/spec/acceptance/nodesets/nodepool-centos7.yml rename swift/spec/acceptance/nodesets/nodepool.yml => sahara/spec/acceptance/nodesets/nodepool-trusty.yml (100%) create mode 100644 swift/spec/acceptance/nodesets/nodepool-centos7.yml rename tempest/spec/acceptance/nodesets/nodepool.yml => swift/spec/acceptance/nodesets/nodepool-trusty.yml (100%) create mode 100644 tempest/spec/acceptance/nodesets/nodepool-centos7.yml rename trove/spec/acceptance/nodesets/nodepool.yml => tempest/spec/acceptance/nodesets/nodepool-trusty.yml (100%) create mode 100644 trove/spec/acceptance/nodesets/nodepool-centos7.yml rename horizon/spec/acceptance/nodesets/nodepool.yml => trove/spec/acceptance/nodesets/nodepool-trusty.yml (83%) diff --git a/Puppetfile b/Puppetfile index 0cbc30ff9..2d1775d8d 100644 --- a/Puppetfile +++ b/Puppetfile @@ -1,5 +1,5 @@ mod 'apache', - :commit => '18a33383dc11a9f264db97a1b98a05dc661c6808', + :commit => 'bf061e66d10ff595799e13945832948e0a538cea', :git => 'https://github.com/puppetlabs/puppetlabs-apache.git' mod 'aviator', @@ -7,7 +7,7 @@ mod 'aviator', :git => 'https://github.com/aimonb/puppet_aviator.git' mod 'ceilometer', - :commit => 'c6f69adf40a95595c362c3cce0bae700ec223b85', + :commit => '264ea1b19155bb2f34a95858b18442c14504ddf2', :git => 'https://github.com/stackforge/puppet-ceilometer.git' mod 'ceph', @@ -19,7 +19,7 @@ mod 'certmonger', :git => 'https://github.com/rcritten/puppet-certmonger.git' mod 'cinder', - :commit => '24bb8f7b326eec428907fb104dd56e4240b5a5d4', + :commit => '4785c1c739f19c4874d0ba24f14e34b6f0d06375', :git => 'https://github.com/stackforge/puppet-cinder.git' mod 'common', @@ -35,15 +35,15 @@ mod 'corosync', :git => 'https://github.com/puppetlabs/puppetlabs-corosync.git' mod 'firewall', - :commit => '667a9f67a7ce8eb343c132feb1e00c6e2132d38a', + :commit => 'cbfca920444c5da5bddd3990f89ca61e5bcc0006', :git => 'https://github.com/puppetlabs/puppetlabs-firewall.git' mod 'galera', - :commit => '92463ad0567c066796b7fac4a1466e6a60621f6c', + :commit => '26016bc260b6d1101201dd1ca791deb1a5fcf2cf', :git => 'https://github.com/redhat-openstack/puppet-galera.git' mod 'glance', - :commit => '0db42a6a60bd4952f795d61ea26ed299e8c35bc8', + :commit => 'c76d39605ff311eaba6ca226ac7dac19f86279ed', :git => 'https://github.com/stackforge/puppet-glance.git' mod 'gluster', @@ -55,19 +55,19 @@ mod 'gnocchi', :git => 'https://github.com/stackforge/puppet-gnocchi.git' mod 'haproxy', - :commit => 'd89fad1c32cba514298c7eb2b82705a997f472f4', + :commit => '3007560fc47da48d576890b1823e0ccfac3d9207', :git => 'https://github.com/puppetlabs/puppetlabs-haproxy.git' mod 'heat', - :commit => 'a974b0651c852fb693919b92bf3da648b41a156b', + :commit => '01004884a1a4d3e2e5fac779975ddc18fec034cd', :git => 'https://github.com/stackforge/puppet-heat.git' mod 'horizon', - :commit => '3e2776bcef02ed062ab7df76d99e8852eec83b91', + :commit => 'b975b22d97f5b794160bfdd5c4190990e8496331', :git => 'https://github.com/stackforge/puppet-horizon.git' mod 'inifile', - :commit => '3bfcceb17f35f53f58a1f018a388b74178c661f3', + :commit => 'c72bfbb9b1df49ec66a4899e84ea869a1c18426c', :git => 'https://github.com/puppetlabs/puppetlabs-inifile.git' mod 'ipa', @@ -75,7 +75,7 @@ mod 'ipa', :git => 'https://github.com/xbezdick/puppet-ipa-1.git' mod 'ironic', - :commit => '0c859d8fc9a2fc790f20013e8668f520e01ef3a2', + :commit => '78e0dc117ee77275f40dcda8dd060f1d6ca06499', :git => 'https://github.com/stackforge/puppet-ironic.git' mod 'keepalived', @@ -83,19 +83,19 @@ mod 'keepalived', :git => 'https://github.com/Unyonsys/puppet-module-keepalived.git' mod 'keystone', - :commit => 'edf8c3e1753b5ad0eaf982f5932ce61c55a987bd', + :commit => 'eb240c5aa120d428567fb7c239167def96b6b75f', :git => 'https://github.com/stackforge/puppet-keystone.git' mod 'manila', - :commit => '8c8b02b6f294a68544df96180b4c2dcfe3bdddf0', + :commit => 'ce1fa24cfdbb1073a1fedbb373b690b92b35c43f', :git => 'https://github.com/stackforge/puppet-manila.git' mod 'memcached', - :commit => 'e0e9c024dc4ed6f049d68ad3f2cc3ee9666e7277', + :commit => 'f6dd071b94a934fcb66d06228ca234502f4ebb8f', :git => 'https://github.com/saz/puppet-memcached.git' mod 'module-collectd', - :commit => '6a9f9492af6a3a59b74f043ce6bb8227909224b2', + :commit => '27c81f69d00722ce7a6ac1e9c13b8e76fc7a5204', :git => 'https://github.com/pdxcat/puppet-module-collectd.git' mod 'module-data', @@ -103,11 +103,11 @@ mod 'module-data', :git => 'https://github.com/ripienaar/puppet-module-data.git' mod 'mongodb', - :commit => 'bc6cec0bfa3b69c5892302789cf39195a1549369', + :commit => '14117ae3391862021555df8139c66fd04c13c0c3', :git => 'https://github.com/puppetlabs/puppetlabs-mongodb.git' mod 'mysql', - :commit => '030556162ef1b2a06629dad318fdb89925f737ea', + :commit => '5f76233b7f44bb5d11521d78e60f0545da19e60e', :git => 'https://github.com/puppetlabs/puppetlabs-mysql.git' mod 'n1k_vsm', @@ -119,11 +119,11 @@ mod 'nagios', :git => 'https://github.com/gildub/puppet-nagios-openstack.git' mod 'neutron', - :commit => 'b29ee6f706bf7371f69b831f99727396ddb77cad', + :commit => 'dea7f4719fea5529d916ef4cae56020e8ee4efea', :git => 'https://github.com/stackforge/puppet-neutron.git' mod 'nova', - :commit => '3cba5197cc5c4e7807d5c97d374fb175b47878c7', + :commit => 'f4330488dd503562ba936c2f14d23e6af3ee9fca', :git => 'https://github.com/stackforge/puppet-nova.git' mod 'nssdb', @@ -131,7 +131,7 @@ mod 'nssdb', :git => 'https://github.com/rcritten/puppet-nssdb.git' mod 'ntp', - :commit => '53570725fa40ae5bd7368cbaf47b549966d030f2', + :commit => 'c0613256dfcec3fb0ec20ef42c9d9e47f0412648', :git => 'https://github.com/puppetlabs/puppetlabs-ntp' mod 'openstack_extras', @@ -139,7 +139,7 @@ mod 'openstack_extras', :git => 'https://github.com/stackforge/puppet-openstack_extras.git' mod 'openstacklib', - :commit => '54f3a0be5c6a7893d179206e99ed0cd47a0d9d86', + :commit => 'd0de990f92a9a9cb7f705ecd39dd8aa02d02bf48', :git => 'https://github.com/stackforge/puppet-openstacklib.git' mod 'pacemaker', @@ -155,11 +155,11 @@ mod 'qpid', :git => 'https://github.com/dprince/puppet-qpid' mod 'rabbitmq', - :commit => '5d71d50aadfa423b69fe2dfe6171a8ba25d8c0b2', + :commit => 'd3c6971a3e97b7079a6076a43a8891000757797b', :git => 'https://github.com/puppetlabs/puppetlabs-rabbitmq.git' mod 'redis', - :commit => '20baca47f04586a2089bdcf64db1d6c7bfe014ec', + :commit => 'aa13ac935693204972b7255233f13402634f256e', :git => 'https://github.com/arioch/puppet-redis.git' mod 'remote', @@ -171,7 +171,7 @@ mod 'rsync', :git => 'https://github.com/puppetlabs/puppetlabs-rsync.git' mod 'sahara', - :commit => '704d1d812e89b88a49a8d3cf8f9502f47267b256', + :commit => '326860e6244927474f458e5df220abcb59049576', :git => 'https://github.com/stackforge/puppet-sahara.git' mod 'snmp', @@ -187,11 +187,11 @@ mod 'staging', :git => 'https://github.com/nanliu/puppet-staging.git' mod 'stdlib', - :commit => '35c77c7a7a3e9620b79833ba95ed0618bdc9492f', + :commit => '4a8c0a57f2c4df4e2e3fa37466f02a7f6fccd517', :git => 'https://github.com/puppetlabs/puppetlabs-stdlib.git' mod 'swift', - :commit => '08f61073119f25033bf1bdc7e7c18cade837cc0c', + :commit => 'ef9f9a4194237b3cd00446f42d1b407d203cbfd5', :git => 'https://github.com/stackforge/puppet-swift.git' mod 'sysctl', @@ -199,7 +199,7 @@ mod 'sysctl', :git => 'https://github.com/puppetlabs/puppetlabs-sysctl.git' mod 'tempest', - :commit => 'b3d764809c1e20e4f20022c518b662ebe7d6b663', + :commit => 'd46a0c403ee9adcdc2a694c609d9bb6fe3b5a05f', :git => 'https://github.com/stackforge/puppet-tempest.git' mod 'timezone', @@ -211,7 +211,7 @@ mod 'tripleo', :git => 'https://github.com/stackforge/puppet-tripleo.git' mod 'trove', - :commit => '19731ad8f1598106226617b7bd66a1ee1fd67ac2', + :commit => '16e82e68ea62efec3ec7e11d7b9887e16b773372', :git => 'https://github.com/stackforge/puppet-trove' mod 'tuskar', @@ -219,7 +219,7 @@ mod 'tuskar', :git => 'https://github.com/stackforge/puppet-tuskar.git' mod 'vcsrepo', - :commit => '4cc3383f3e22edb31a03a3dad7817734529781ee', + :commit => '18b91b2f51a1cd8cd6911bd981e4629dd0d407e8', :git => 'https://github.com/puppetlabs/puppetlabs-vcsrepo.git' mod 'vlan', @@ -227,10 +227,10 @@ mod 'vlan', :git => 'https://github.com/derekhiggins/puppet-vlan.git' mod 'vswitch', - :commit => '58e807a42cf62890405c51d85a0f84b196faed60', + :commit => '8bdf36261b7f25ac0f0af84804d102db0ba51007', :git => 'https://github.com/stackforge/puppet-vswitch.git' mod 'xinetd', - :commit => '902825112b383dc837acfdd326457f5ba2c5921b', + :commit => '1420bf2bf2462a95185e9d2fffdf0a93edd8c7dc', :git => 'https://github.com/puppetlabs/puppetlabs-xinetd.git' diff --git a/apache/.travis.yml b/apache/.travis.yml index ecf7d9076..742380f6b 100644 --- a/apache/.travis.yml +++ b/apache/.travis.yml @@ -14,5 +14,10 @@ matrix: env: PUPPET_GEM_VERSION="~> 3.0" - rvm: 2.1.5 env: PUPPET_GEM_VERSION="~> 3.0" FUTURE_PARSER="yes" + - rvm: 2.1.6 + env: PUPPET_GEM_VERSION="~> 4.0" STRICT_VARIABLES="yes" + allow_failures: + - rvm: 2.1.6 + env: PUPPET_GEM_VERSION="~> 4.0" STRICT_VARIABLES="yes" notifications: email: false diff --git a/apache/README.md b/apache/README.md index f12907c2f..087bbc869 100644 --- a/apache/README.md +++ b/apache/README.md @@ -357,7 +357,7 @@ Specifies the location where apache module files are stored. It should not be co #####`loadfile_name` -Sets the file name for the module loadfile. Should be in the format *.load. This can be used to set the module load order. +Sets the file name for the module loadfile. Should be in the format \*.load. This can be used to set the module load order. #####`log_level` @@ -371,6 +371,17 @@ Define additional [LogFormats](https://httpd.apache.org/docs/current/mod/mod_log $log_formats = { vhost_common => '%v %h %l %u %t \"%r\" %>s %b' } ``` +There are a number of predefined LogFormats in the httpd.conf that Puppet writes out: + +```httpd +LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined +LogFormat "%h %l %u %t \"%r\" %>s %b" common +LogFormat "%{Referer}i -> %U" referer +LogFormat "%{User-agent}i" agent +``` + +If your `$log_formats` contains one of those, they will be overwritten with **your** definition. + #####`logroot` Changes the directory where Apache log files for the virtual host are placed. Defaults to '/var/log/httpd' on RedHat, '/var/log/apache2' on Debian, '/var/log/apache22' on FreeBSD, and '/var/log/apache2' on Gentoo. @@ -549,6 +560,7 @@ There are many `apache::mod::[name]` classes within this module that can be decl * `auth_basic` * `auth_cas`* (see [`apache::mod::auth_cas`](#class-apachemodauthcas) below) * `auth_kerb` +* `authn_core` * `authn_file` * `authnz_ldap`* * `authz_default` @@ -1365,11 +1377,11 @@ Sets [PassengerPreStart](https://www.phusionpassenger.com/documentation/Users%20 #####`php_flags & values` -Allows per-vhost setting [`php_value`s or `php_flag`s](http://php.net/manual/en/configuration.changes.php). These flags or values can be overwritten by a user or an application. Defaults to '[]'. +Allows per-vhost setting [`php_value`s or `php_flag`s](http://php.net/manual/en/configuration.changes.php). These flags or values can be overwritten by a user or an application. Defaults to '{}'. #####`php_admin_flags & values` -Allows per-vhost setting [`php_admin_value`s or `php_admin_flag`s](http://php.net/manual/en/configuration.changes.php). These flags or values cannot be overwritten by a user or an application. Defaults to '[]'. +Allows per-vhost setting [`php_admin_value`s or `php_admin_flag`s](http://php.net/manual/en/configuration.changes.php). These flags or values cannot be overwritten by a user or an application. Defaults to '{}'. #####`port` @@ -1932,9 +1944,10 @@ Allows configuration settings for [directory indexing](http://httpd.apache.org/d apache::vhost { 'sample.example.net': docroot => '/path/to/directory', directories => [ - { path => '/path/to/directory', - options => ['Indexes','FollowSymLinks','MultiViews'], - index_options => ['IgnoreCase', 'FancyIndexing', 'FoldersFirst', 'NameWidth=*', 'DescriptionWidth=*', 'SuppressHTMLPreamble'], + { path => '/path/to/directory', + directoryindex => 'disabled', # this is needed on Apache 2.4 or mod_autoindex doesn't work + options => ['Indexes','FollowSymLinks','MultiViews'], + index_options => ['IgnoreCase', 'FancyIndexing', 'FoldersFirst', 'NameWidth=*', 'DescriptionWidth=*', 'SuppressHTMLPreamble'], }, ], } @@ -1956,6 +1969,23 @@ Sets the [default ordering](http://httpd.apache.org/docs/current/mod/mod_autoind } ``` +######`index_style_sheet` + +Sets the [IndexStyleSheet](http://httpd.apache.org/docs/current/mod/mod_autoindex.html#indexstylesheet) which adds a CSS stylesheet to the directory index. + +```puppet + apache::vhost { 'sample.example.net': + docroot => '/path/to/directory', + directories => [ + { path => '/path/to/directory', + options => ['Indexes','FollowSymLinks','MultiViews'], + index_options => ['FancyIndexing'], + index_style_sheet => '/styles/style.css', + }, + ], + } +``` + ######`options` Lists the [Options](http://httpd.apache.org/docs/current/mod/core.html#options) for the given Directory block. diff --git a/apache/manifests/default_mods.pp b/apache/manifests/default_mods.pp index 145c4feeb..0d8969ca6 100644 --- a/apache/manifests/default_mods.pp +++ b/apache/manifests/default_mods.pp @@ -22,6 +22,9 @@ ::apache::mod { 'log_config': } ::apache::mod { 'unixd': } } + 'Suse': { + ::apache::mod { 'log_config': } + } default: {} } case $::osfamily { @@ -34,13 +37,12 @@ if $all { case $::osfamily { 'debian': { + include ::apache::mod::authn_core include ::apache::mod::reqtimeout - if versioncmp($apache_version, '2.4') >= 0 { - ::apache::mod { 'authn_core': } - } } 'redhat': { include ::apache::mod::actions + include ::apache::mod::authn_core include ::apache::mod::cache include ::apache::mod::mime include ::apache::mod::mime_magic @@ -61,16 +63,14 @@ ::apache::mod { 'substitute': } ::apache::mod { 'usertrack': } - if versioncmp($apache_version, '2.4') >= 0 { - ::apache::mod { 'authn_core': } - } - else { + if versioncmp($apache_version, '2.4') < 0 { ::apache::mod { 'authn_alias': } ::apache::mod { 'authn_default': } } } 'freebsd': { include ::apache::mod::actions + include ::apache::mod::authn_core include ::apache::mod::cache include ::apache::mod::disk_cache include ::apache::mod::headers @@ -88,7 +88,6 @@ ::apache::mod { 'auth_digest': } ::apache::mod { 'auth_form': } ::apache::mod { 'authn_anon': } - ::apache::mod { 'authn_core': } ::apache::mod { 'authn_dbm': } ::apache::mod { 'authn_socache': } ::apache::mod { 'authz_dbd': } diff --git a/apache/manifests/init.pp b/apache/manifests/init.pp index 22b2361ae..9e6da9813 100644 --- a/apache/manifests/init.pp +++ b/apache/manifests/init.pp @@ -281,6 +281,12 @@ require => Package['httpd'], } } + 'Suse': { + $pidfile = '/var/run/httpd2.pid' + $error_log = 'error.log' + $scriptalias = '/usr/lib/cgi-bin' + $access_log_file = 'access.log' + } default: { fail("Unsupported osfamily ${::osfamily}") } diff --git a/apache/manifests/mod.pp b/apache/manifests/mod.pp index bc52d2e20..920114a7c 100644 --- a/apache/manifests/mod.pp +++ b/apache/manifests/mod.pp @@ -126,5 +126,40 @@ notify => Class['apache::service'], } } + } elsif $::osfamily == 'Suse' { + $enable_dir = $::apache::mod_enable_dir + file{ "${_loadfile_name} symlink": + ensure => link, + path => "${enable_dir}/${_loadfile_name}", + target => "${mod_dir}/${_loadfile_name}", + owner => 'root', + group => $::apache::params::root_group, + mode => '0644', + require => [ + File[$_loadfile_name], + Exec["mkdir ${enable_dir}"], + ], + before => File[$enable_dir], + notify => Class['apache::service'], + } + # Each module may have a .conf file as well, which should be + # defined in the class apache::mod::module + # Some modules do not require this file. + if defined(File["${mod}.conf"]) { + file{ "${mod}.conf symlink": + ensure => link, + path => "${enable_dir}/${mod}.conf", + target => "${mod_dir}/${mod}.conf", + owner => 'root', + group => $::apache::params::root_group, + mode => '0644', + require => [ + File["${mod}.conf"], + Exec["mkdir ${enable_dir}"], + ], + before => File[$enable_dir], + notify => Class['apache::service'], + } + } } } diff --git a/apache/manifests/mod/alias.pp b/apache/manifests/mod/alias.pp index c1f60fd62..2f078f645 100644 --- a/apache/manifests/mod/alias.pp +++ b/apache/manifests/mod/alias.pp @@ -6,6 +6,7 @@ $icons_path = $::osfamily ? { 'debian' => '/usr/share/apache2/icons', + 'Suse' => '/usr/share/apache2/icons', 'redhat' => $ver24 ? { true => '/usr/share/httpd/icons', default => '/var/www/icons', diff --git a/apache/manifests/mod/authn_core.pp b/apache/manifests/mod/authn_core.pp new file mode 100644 index 000000000..c5ce5b107 --- /dev/null +++ b/apache/manifests/mod/authn_core.pp @@ -0,0 +1,7 @@ +class apache::mod::authn_core( + $apache_version = $::apache::apache_version +) { + if versioncmp($apache_version, '2.4') >= 0 { + ::apache::mod { 'authn_core': } + } +} diff --git a/apache/manifests/mod/prefork.pp b/apache/manifests/mod/prefork.pp index 035e8818a..91567de11 100644 --- a/apache/manifests/mod/prefork.pp +++ b/apache/manifests/mod/prefork.pp @@ -60,7 +60,7 @@ } } } - 'debian', 'freebsd' : { + 'debian', 'freebsd', 'Suse' : { ::apache::mpm{ 'prefork': apache_version => $apache_version, } diff --git a/apache/manifests/mod/worker.pp b/apache/manifests/mod/worker.pp index 02a1beae3..25925f807 100644 --- a/apache/manifests/mod/worker.pp +++ b/apache/manifests/mod/worker.pp @@ -62,7 +62,7 @@ } } } - 'debian', 'freebsd': { + 'debian', 'freebsd', 'Suse': { ::apache::mpm{ 'worker': apache_version => $apache_version, } diff --git a/apache/manifests/mpm.pp b/apache/manifests/mpm.pp index 2478184f5..9e7734945 100644 --- a/apache/manifests/mpm.pp +++ b/apache/manifests/mpm.pp @@ -68,6 +68,38 @@ 'redhat': { # so we don't fail } + 'Suse': { + file { "${::apache::mod_enable_dir}/${mpm}.conf": + ensure => link, + target => "${::apache::mod_dir}/${mpm}.conf", + require => Exec["mkdir ${::apache::mod_enable_dir}"], + before => File[$::apache::mod_enable_dir], + notify => Class['apache::service'], + } + + if versioncmp($apache_version, '2.4') >= 0 { + file { "${::apache::mod_enable_dir}/${mpm}.load": + ensure => link, + target => "${::apache::mod_dir}/${mpm}.load", + require => Exec["mkdir ${::apache::mod_enable_dir}"], + before => File[$::apache::mod_enable_dir], + notify => Class['apache::service'], + } + + if $mpm == 'itk' { + file { "${lib_path}/mod_mpm_itk.so": + ensure => link, + target => "${lib_path}/mpm_itk.so" + } + } + } + + if versioncmp($apache_version, '2.4') < 0 { + package { "apache2-${mpm}": + ensure => present, + } + } + } default: { fail("Unsupported osfamily ${::osfamily}") } diff --git a/apache/manifests/params.pp b/apache/manifests/params.pp index ce5edec12..b5d142136 100644 --- a/apache/manifests/params.pp +++ b/apache/manifests/params.pp @@ -417,6 +417,66 @@ $wsgi_socket_prefix = undef $docroot = '/var/www/localhost/htdocs' $error_documents_path = '/usr/share/apache2/error' + } elsif $::osfamily == 'Suse' { + $user = 'wwwrun' + $group = 'wwwrun' + $root_group = 'root' + $apache_name = 'apache2' + $service_name = 'apache2' + $httpd_dir = '/etc/apache2' + $server_root = '/etc/apache2' + $conf_dir = $httpd_dir + $confd_dir = "${httpd_dir}/conf.d" + $mod_dir = "${httpd_dir}/mods-available" + $mod_enable_dir = "${httpd_dir}/mods-enabled" + $vhost_dir = "${httpd_dir}/sites-available" + $vhost_enable_dir = "${httpd_dir}/sites-enabled" + $conf_file = 'httpd.conf' + $ports_file = "${conf_dir}/ports.conf" + $logroot = '/var/log/apache2' + $logroot_mode = undef + $lib_path = '/usr/lib64/apache2-prefork/' + $mpm_module = 'prefork' + $default_ssl_cert = '/etc/ssl/certs/ssl-cert-snakeoil.pem' + $default_ssl_key = '/etc/ssl/private/ssl-cert-snakeoil.key' + $ssl_certs_dir = '/etc/ssl/certs' + $suphp_addhandler = 'x-httpd-php' + $suphp_engine = 'off' + $suphp_configpath = '/etc/php5/apache2' + $mod_packages = { + 'auth_kerb' => 'apache2-mod_auth_kerb', + 'fcgid' => 'apache2-mod_fcgid', + 'perl' => 'apache2-mod_perl', + 'php5' => 'apache2-mod_php53', + 'python' => 'apache2-mod_python', + } + $mod_libs = { + 'php5' => 'libphp5.so', + } + $conf_template = 'apache/httpd.conf.erb' + $keepalive = 'Off' + $keepalive_timeout = 15 + $max_keepalive_requests = 100 + $fastcgi_lib_path = '/var/lib/apache2/fastcgi' + $mime_support_package = 'aaa_base' + $mime_types_config = '/etc/mime.types' + $docroot = '/srv/www' + $cas_cookie_path = '/var/cache/apache2/mod_auth_cas/' + $error_documents_path = '/usr/share/apache2/error' + $dev_packages = ['libapr-util1-devel', 'libapr1-devel'] + + # + # Passenger-specific settings + # + + $passenger_conf_file = 'passenger.conf' + $passenger_conf_package_file = undef + + $passenger_root = '/usr' + $passenger_ruby = '/usr/bin/ruby' + $passenger_default_ruby = undef + $wsgi_socket_prefix = undef + } else { fail("Class['apache::params']: Unsupported osfamily: ${::osfamily}") } diff --git a/apache/manifests/version.pp b/apache/manifests/version.pp index a0c9d0dc9..527dc6d38 100644 --- a/apache/manifests/version.pp +++ b/apache/manifests/version.pp @@ -35,6 +35,9 @@ 'Gentoo': { $default = '2.4' } + 'Suse': { + $default = '2.2' + } default: { fail("Class['apache::version']: Unsupported osfamily: ${::osfamily}") } diff --git a/apache/spec/classes/apache_spec.rb b/apache/spec/classes/apache_spec.rb index 07ef1cc27..b82eafa0d 100644 --- a/apache/spec/classes/apache_spec.rb +++ b/apache/spec/classes/apache_spec.rb @@ -218,6 +218,23 @@ end end + describe "Override existing LogFormats" do + context "When parameter log_formats is a hash" do + let :params do + { :log_formats => { + 'common' => "%v %h %l %u %t \"%r\" %>s %b", + 'combined' => "%v %h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-agent}i\"" + } } + end + + it { is_expected.to contain_file("/etc/apache2/apache2.conf").with_content %r{^LogFormat "%v %h %l %u %t \"%r\" %>s %b" common\n} } + it { is_expected.to contain_file("/etc/apache2/apache2.conf").without_content %r{^LogFormat "%h %l %u %t \"%r\" %>s %b \"%\{Referer\}i\" \"%\{User-agent\}i\"" combined\n} } + it { is_expected.to contain_file("/etc/apache2/apache2.conf").with_content %r{^LogFormat "%v %h %l %u %t \"%r\" %>s %b" common\n} } + it { is_expected.to contain_file("/etc/apache2/apache2.conf").with_content %r{^LogFormat "%v %h %l %u %t \"%r\" %>s %b \"%\{Referer\}i\" \"%\{User-agent\}i\"" combined\n} } + it { is_expected.to contain_file("/etc/apache2/apache2.conf").without_content %r{^LogFormat "%h %l %u %t \"%r\" %>s %b \"%\{Referer\}i\" \"%\{User-agent\}i\"" combined\n} } + end + end + context "on Ubuntu" do let :facts do super().merge({ @@ -660,6 +677,7 @@ # Assert that load files are placed for these mods, but no conf file. [ 'auth_basic', + 'authn_core', 'authn_file', 'authz_groupfile', 'authz_host', diff --git a/apache/spec/defines/vhost_spec.rb b/apache/spec/defines/vhost_spec.rb index d81ca3896..47c1b1f45 100644 --- a/apache/spec/defines/vhost_spec.rb +++ b/apache/spec/defines/vhost_spec.rb @@ -183,6 +183,12 @@ 'provider' => 'files', 'require' => 'all granted', }, + { 'path' => '/var/www/files/indexed_directory', + 'directoryindex' => 'disabled', + 'options' => ['Indexes','FollowSymLinks','MultiViews'], + 'index_options' => ['FancyIndexing'], + 'index_style_sheet' => '/styles/style.css', + }, ], 'error_log' => false, 'error_log_file' => 'httpd_error_log', @@ -360,6 +366,14 @@ :content => /^\s+Require all denied$/ ) } it { is_expected.to contain_concat__fragment('rspec.example.com-directories').with( :content => /^\s+Require all granted$/ ) } + it { is_expected.to contain_concat__fragment('rspec.example.com-directories').with( + :content => /^\s+Options\sIndexes\sFollowSymLinks\sMultiViews$/ ) } + it { is_expected.to contain_concat__fragment('rspec.example.com-directories').with( + :content => /^\s+IndexOptions\sFancyIndexing$/ ) } + it { is_expected.to contain_concat__fragment('rspec.example.com-directories').with( + :content => /^\s+IndexStyleSheet\s'\/styles\/style\.css'$/ ) } + it { is_expected.to contain_concat__fragment('rspec.example.com-directories').with( + :content => /^\s+DirectoryIndex\sdisabled$/ ) } it { is_expected.to contain_concat__fragment('rspec.example.com-additional_includes') } it { is_expected.to contain_concat__fragment('rspec.example.com-logging') } it { is_expected.to contain_concat__fragment('rspec.example.com-serversignature') } diff --git a/apache/templates/httpd.conf.erb b/apache/templates/httpd.conf.erb index 6c50e2871..8664a43e4 100644 --- a/apache/templates/httpd.conf.erb +++ b/apache/templates/httpd.conf.erb @@ -60,10 +60,18 @@ Include "<%= @mod_load_dir %>/*.conf" <% end -%> Include "<%= @ports_file %>" +<% unless @log_formats.has_key?('combined') -%> LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined +<% end -%> +<% unless @log_formats.has_key?('common') -%> LogFormat "%h %l %u %t \"%r\" %>s %b" common +<% end -%> +<% unless @log_formats.has_key?('referer') -%> LogFormat "%{Referer}i -> %U" referer +<% end -%> +<% unless @log_formats.has_key?('agent') -%> LogFormat "%{User-agent}i" agent +<% end -%> <% if @log_formats and !@log_formats.empty? -%> <%- @log_formats.sort.each do |nickname,format| -%> LogFormat "<%= format -%>" <%= nickname %> diff --git a/apache/templates/vhost/_directories.erb b/apache/templates/vhost/_directories.erb index 1f45d2c0e..529d9bdff 100644 --- a/apache/templates/vhost/_directories.erb +++ b/apache/templates/vhost/_directories.erb @@ -46,6 +46,9 @@ <%- end -%> <%- if directory['index_order_default'] -%> IndexOrderDefault <%= Array(directory['index_order_default']).join(' ') %> + <%- end -%> + <%- if directory['index_style_sheet'] -%> + IndexStyleSheet '<%= directory['index_style_sheet'] %>' <%- end -%> <%- if directory['allow_override'] -%> AllowOverride <%= Array(directory['allow_override']).join(' ') %> diff --git a/ceilometer/manifests/agent/compute.pp b/ceilometer/manifests/agent/compute.pp index 1c48c781c..ec678b8ed 100644 --- a/ceilometer/manifests/agent/compute.pp +++ b/ceilometer/manifests/agent/compute.pp @@ -51,7 +51,7 @@ } } - Package['nova-common'] -> Package['ceilometer-common'] -> Service['ceilometer-agent-compute'] + Package <| title == 'nova-common' |> -> Package['ceilometer-common'] -> Service['ceilometer-agent-compute'] service { 'ceilometer-agent-compute': ensure => $service_ensure, name => $::ceilometer::params::agent_compute_service_name, diff --git a/ceilometer/manifests/agent/polling.pp b/ceilometer/manifests/agent/polling.pp index a4316af21..0987420ac 100644 --- a/ceilometer/manifests/agent/polling.pp +++ b/ceilometer/manifests/agent/polling.pp @@ -83,7 +83,7 @@ $compute_namespace_name = 'compute' - Package['nova-common'] -> Package['ceilometer-common'] + Package <| title == 'nova-common' |> -> Package['ceilometer-common'] } if $ipmi_namespace { diff --git a/cinder/Gemfile b/cinder/Gemfile index 30fc91131..091cb6268 100644 --- a/cinder/Gemfile +++ b/cinder/Gemfile @@ -3,6 +3,7 @@ source 'https://rubygems.org' group :development, :test do gem 'puppetlabs_spec_helper', :require => false gem 'rspec-puppet', '~> 2.1.0', :require => false + gem 'minitest', '~> 4.7', :require => 'minitest/unit' gem 'puppet-lint', '~> 1.1' gem 'puppet-lint-param-docs', '1.1.0' diff --git a/cinder/spec/acceptance/basic_cinder_spec.rb b/cinder/spec/acceptance/basic_cinder_spec.rb index 9c8592a6b..042d09c90 100644 --- a/cinder/spec/acceptance/basic_cinder_spec.rb +++ b/cinder/spec/acceptance/basic_cinder_spec.rb @@ -9,27 +9,41 @@ Exec { logoutput => 'on_failure' } # Common resources - include ::apt - # some packages are not autoupgraded in trusty. - # it will be fixed in liberty, but broken in kilo. - $need_to_be_upgraded = ['python-tz', 'python-pbr'] - apt::source { 'trusty-updates-kilo': - location => 'http://ubuntu-cloud.archive.canonical.com/ubuntu/', - release => 'trusty-updates', - required_packages => 'ubuntu-cloud-keyring', - repos => 'kilo/main', - trusted_source => true, - } ~> - exec { '/usr/bin/apt-get -y dist-upgrade': - refreshonly => true, + case $::osfamily { + 'Debian': { + include ::apt + class { '::openstack_extras::repo::debian::ubuntu': + release => 'kilo', + package_require => true, + } + $package_provider = 'apt' + } + 'RedHat': { + class { '::openstack_extras::repo::redhat::redhat': + # Kilo is not GA yet, so let's use the testing repo + manage_rdo => false, + repo_hash => { + 'rdo-kilo-testing' => { + 'baseurl' => 'https://repos.fedorapeople.org/repos/openstack/openstack-kilo/testing/el7/', + # packages are not GA so not signed + 'gpgcheck' => '0', + 'priority' => 97, + }, + }, + } + $package_provider = 'yum' + } + default: { + fail("Unsupported osfamily (${::osfamily})") + } } - Apt::Source['trusty-updates-kilo'] -> Package<| |> class { '::mysql::server': } class { '::rabbitmq': delete_guest_user => true, erlang_cookie => 'secrete', + package_provider => $package_provider, } rabbitmq_vhost { '/': diff --git a/cinder/spec/acceptance/nodesets/nodepool-centos7.yml b/cinder/spec/acceptance/nodesets/nodepool-centos7.yml new file mode 100644 index 000000000..aed4f0b26 --- /dev/null +++ b/cinder/spec/acceptance/nodesets/nodepool-centos7.yml @@ -0,0 +1,9 @@ +HOSTS: + centos-70-x64: + roles: + - master + platform: el-7-x86_64 + hypervisor : none + ip: 127.0.0.1 +CONFIG: + type: foss diff --git a/cinder/spec/acceptance/nodesets/nodepool.yml b/cinder/spec/acceptance/nodesets/nodepool-trusty.yml similarity index 100% rename from cinder/spec/acceptance/nodesets/nodepool.yml rename to cinder/spec/acceptance/nodesets/nodepool-trusty.yml diff --git a/cinder/spec/spec_helper_acceptance.rb b/cinder/spec/spec_helper_acceptance.rb index b46eb6364..540ddf90a 100644 --- a/cinder/spec/spec_helper_acceptance.rb +++ b/cinder/spec/spec_helper_acceptance.rb @@ -27,14 +27,19 @@ # install library modules from the forge on host, puppet('module','install','puppetlabs-inifile'), { :acceptable_exit_codes => 0 } + # pin apt module until openstack_extras use >= 2.0.0 version + on host, puppet('module','install','puppetlabs-apt','--version','1.8.0'), { :acceptable_exit_codes => 0 } on host, puppet('module','install','puppetlabs-mysql'), { :acceptable_exit_codes => 0 } on host, puppet('module','install','dprince/qpid'), { :acceptable_exit_codes => 0 } on host, puppet('module','install','stahnma-epel'), { :acceptable_exit_codes => 0 } - on host, puppet('module','install','puppetlabs-rabbitmq'), { :acceptable_exit_codes => 0 } # install puppet modules from git, use master shell('git clone https://git.openstack.org/stackforge/puppet-openstacklib /etc/puppet/modules/openstacklib') shell('git clone https://git.openstack.org/stackforge/puppet-keystone /etc/puppet/modules/keystone') + shell('git clone https://git.openstack.org/stackforge/puppet-openstack_extras /etc/puppet/modules/openstack_extras') + # TODO(EmilienM) Cloning RabbitMQ module for now because we wait for a release including + # https://github.com/enovance/puppetlabs-rabbitmq/commit/0227f762070ffbbea3c28d6a60174de98fa4cc1c + shell('git clone https://github.com/puppetlabs/puppetlabs-rabbitmq/ /etc/puppet/modules/rabbitmq') # Install the module being tested puppet_module_install(:source => proj_root, :module_name => 'cinder') diff --git a/firewall/.travis.yml b/firewall/.travis.yml index 52e0871be..cbf6f11df 100644 --- a/firewall/.travis.yml +++ b/firewall/.travis.yml @@ -14,9 +14,14 @@ matrix: env: PUPPET_GEM_VERSION="~> 3.0" - rvm: 2.1.5 env: PUPPET_GEM_VERSION="~> 3.0" FUTURE_PARSER="yes" + - rvm: 2.1.6 + env: PUPPET_GEM_VERSION="~> 4.0" STRICT_VARIABLES="yes" - rvm: 1.8.7 env: PUPPET_GEM_VERSION="~> 2.7.0" FACTER_GEM_VERSION="~> 1.6.0" - rvm: 1.8.7 env: PUPPET_GEM_VERSION="~> 2.7.0" FACTER_GEM_VERSION="~> 1.7.0" + allow_failures: + - rvm: 2.1.6 + env: PUPPET_GEM_VERSION="~> 4.0" STRICT_VARIABLES="yes" notifications: email: false diff --git a/firewall/CHANGELOG.md b/firewall/CHANGELOG.md index be6888ee2..974262fb6 100644 --- a/firewall/CHANGELOG.md +++ b/firewall/CHANGELOG.md @@ -1,3 +1,22 @@ +##2015-05-19 - Supported Release 1.6.0 +###Summary + +This release includes support for TEE, MSS, the time ipt module, Debian 8 support, and a number of test fixes and other improvements. + +####Features +- Add TEE support +- Add MSS support (including clamp-mss-to-pmtu support) +- Add support for the time ipt module (-m time) +- Add support for Debian 8 +- Add support for ICMPv6 types 'neighbour-{solicitation,advertisement}' +- Add support for ICMPv6 type 'too-big' +- Add support for new 'match_mark' property +- Added 'ipv4' and 'ipv6' options to 'proto' property + +####Bugfixes +- Fix for Systemd-based OSes where systemd needs restarted before being able to pick up new services (MODULES-1984) +- Arch Linux package management fix + ##2015-03-31 - Supported Release 1.5.0 ###Summary diff --git a/firewall/README.markdown b/firewall/README.markdown index c2cc352dd..cbcee2eeb 100644 --- a/firewall/README.markdown +++ b/firewall/README.markdown @@ -70,7 +70,7 @@ Therefore, the run order is: The rules in the `pre` and `post` classes are fairly general. These two classes ensure that you retain connectivity and that you drop unmatched packets appropriately. The rules you define in your manifests are likely specific to the applications you run. 1.) Add the `pre` class to my_fw/manifests/pre.pp. Your pre.pp file should contain any default rules to be applied first. The rules in this class should be added in the order you want them to run.2. - ```puppet + ~~~puppet class my_fw::pre { Firewall { require => undef, @@ -98,12 +98,13 @@ The rules in the `pre` and `post` classes are fairly general. These two classes action => 'accept', } } - ``` + ~~~ The rules in `pre` should allow basic networking (such as ICMP and TCP) and ensure that existing connections are not closed. 2.) Add the `post` class to my_fw/manifests/post.pp and include any default rules to be applied last. - ```puppet + + ~~~puppet class my_fw::post { firewall { '999 drop all': proto => 'all', @@ -111,17 +112,17 @@ The rules in the `pre` and `post` classes are fairly general. These two classes before => undef, } } - ``` + ~~~ Alternatively, the [firewallchain](#type-firewallchain) type can be used to set the default policy: - ```puppet + ~~~puppet firewallchain { 'INPUT:filter:IPv4': ensure => present, policy => drop, before => undef, } - ``` + ~~~ ####Create Firewall Rules @@ -132,41 +133,43 @@ Rules are persisted automatically between reboots, although there are known issu 1.) In site.pp or another top-scope file, add the following code to set up a metatype to purge unmanaged firewall resources. This will clear any existing rules and make sure that only rules defined in Puppet exist on the machine. **Note** - This only purges IPv4 rules. - ```puppet + + ~~~puppet resources { 'firewall': purge => true } - ``` + ~~~ To purge unmanaged firewall chains, also add: - ```puppet + ~~~puppet resources { 'firewallchain': purge => true } - ``` - **Note** - If there are unmanaged rules in unmanaged chains it will take two Puppet runs before the firewall chain is purged. This is different than the `purge` parameter available in `firewallchain`. + ~~~ + + **Note** - If there are unmanaged rules in unmanaged chains, it will take two Puppet runs before the firewall chain is purged. This is different than the `purge` parameter available in `firewallchain`. 2.) Use the following code to set up the default parameters for all of the firewall rules you will establish later. These defaults will ensure that the `pre` and `post` classes are run in the correct order to avoid locking you out of your box during the first Puppet run. - ```puppet + ~~~puppet Firewall { before => Class['my_fw::post'], require => Class['my_fw::pre'], } - ``` + ~~~ 3.) Then, declare the `my_fw::pre` and `my_fw::post` classes to satisfy dependencies. You can declare these classes using an External Node Classifier or the following code: - ```puppet + ~~~puppet class { ['my_fw::pre', 'my_fw::post']: } - ``` + ~~~ 4.) Include the `firewall` class to ensure the correct packages are installed. - ```puppet + ~~~puppet class { 'firewall': } - ``` + ~~~ ###Upgrading @@ -194,32 +197,33 @@ In iptables, the title of the rule is stored using the comment feature of the un Basic accept ICMP request example: -```puppet +~~~puppet firewall { "000 accept all icmp requests": proto => "icmp", action => "accept", } -``` +~~~ + Drop all: -```puppet +~~~puppet firewall { "999 drop all other requests": action => "drop", } -``` +~~~ #### Example of an IPv6 rule IPv6 rules can be specified using the _ip6tables_ provider: -```puppet +~~~puppet firewall { "006 Allow inbound SSH (v6)": port => 22, proto => tcp, action => accept, provider => 'ip6tables', } -``` +~~~ ###Application-Specific Rules @@ -232,7 +236,7 @@ remain close to the services managed by the profile. This is an example of firewall rules in a profile: -```puppet +~~~puppet class profile::apache { include apache apache::vhost { 'mysite': ensure => present } @@ -243,7 +247,7 @@ class profile::apache { action => accept, } } -``` +~~~ ###Rule inversion Firewall rules may be inverted by prefixing the value of a parameter by "! ". If the value is an array, then every item in the array must be prefixed as iptables does not understand inverting a single value. @@ -252,7 +256,7 @@ Parameters that understand inversion are: connmark, ctstate, destination, dport, Examples: -```puppet +~~~puppet firewall { '001 disallow esp protocol': action => 'accept', proto => '! esp', @@ -266,22 +270,23 @@ firewall { '002 drop NEW external website packets with FIN/RST/ACK set and SYN u source => '! 10.0.0.0/8', tcp_flags => '! FIN,SYN,RST,ACK SYN', } -``` +~~~ ###Additional Uses for the Firewall Module You can apply firewall rules to specific nodes. Usually, you will want to put the firewall rule in another class and apply that class to a node. Apply a rule to a node as follows: -```puppet +~~~puppet node 'some.node.com' { firewall { '111 open port 111': dport => 111 } } -``` +~~~ You can also do more complex things with the `firewall` resource. This example sets up static NAT for the source network 10.1.2.0/24: -```puppet + +~~~puppet firewall { '100 snat for network foo2': chain => 'POSTROUTING', jump => 'MASQUERADE', @@ -290,12 +295,12 @@ firewall { '100 snat for network foo2': source => '10.1.2.0/24', table => 'nat', } -``` +~~~ You can also change the TCP MSS value for VPN client traffic: -```puppet +~~~puppet firewall { '110 TCPMSS for VPN clients': chain => 'FORWARD', table => 'mangle', @@ -306,11 +311,11 @@ firewall { '110 TCPMSS for VPN clients': set_mss => '1360', jump => 'TCPMSS', } -``` +~~~ The following will mirror all traffic sent to the server to a secondary host on the LAN with the TEE target: -```puppet +~~~puppet firewall { '503 Mirror traffic to IDS': proto => all, jump => 'TEE', @@ -318,10 +323,10 @@ firewall { '503 Mirror traffic to IDS': chain => 'PREROUTING', table => 'mangle', } -``` +~~~ The following example creates a new chain and forwards any port 5000 access to it. -```puppet +~~~puppet firewall { '100 forward to MY_CHAIN': chain => 'INPUT', jump => 'MY_CHAIN', @@ -336,7 +341,7 @@ firewall { '100 my rule': proto => 'tcp', dport => 5000, } -``` +~~~ ###Additional Information @@ -487,7 +492,9 @@ If Puppet is managing the iptables or iptables-persistent packages, and the prov * `chain`: Name of the chain to use. You can provide a user-based chain or use one of the following built-in chains:'INPUT','FORWARD','OUTPUT','PREROUTING', or 'POSTROUTING'. The default value is 'INPUT'. Values must match '/^[a-zA-Z0-9\-_]+$/'. Requires the `iptables` feature. - * `checksum_fill`: When using a `jump` value of 'CHECKSUM' this boolean will make sure that a checksum is calculated and filled in a packet that lacks a checksum. Valid values are true or false. Requires the `iptables` feature. +* `checksum_fill`: When using a `jump` value of 'CHECKSUM', this boolean makes sure that a checksum is calculated and filled in a packet that lacks a checksum. Valid values are 'true' or 'false'. Requires the `iptables` feature. + +* `clamp_mss_to_pmtu`: Enables PMTU Clamping support when using a jump target of 'TCPMSS'. Valid values are 'true' or 'false'. * `connlimit_above`: Connection limiting value for matched connections above n. Values must match '/^\d+$/'. Requires the `connection_limiting` feature. @@ -573,22 +580,22 @@ If Puppet is managing the iptables or iptables-persistent packages, and the prov * `mask`: Sets the mask to use when `recent` is enabled. Requires the `mask` feature. -* `month_days`: Only match on the given days of the month. Possible values are '1' to '31'. Note that specifying 31 will of course not match on months which do not have a 31st day; the same goes for 28- or 29-day February. +* `month_days`: Only match on the given days of the month. Possible values are '1' to '31'. Note that specifying '31' will not match on months that do not have a 31st day; the same goes for 28- or 29-day February. -* `match_mark`: Match the Netfilter mark value associated with the packet. Accepts either of mark/mask or mark. These will be converted to hex if they are not already. Requires the `mark` feature. +* `match_mark`: Match the Netfilter mark value associated with the packet. Accepts either of mark/mask or mark. These will be converted to hex if they are not already. Requires the `mark` feature. * `mss`: Sets a given TCP MSS value or range to match. * `name`: The canonical name of the rule. This name is also used for ordering, so make sure you prefix the rule with a number. For example: -```puppet +~~~puppet firewall { '000 this runs first': # this rule will run first } firewall { '999 this runs last': # this rule will run last } - ``` + ~~~ Depending on the provider, the name of the rule can be stored using the comment feature of the underlying firewall subsystem. Values must match '/^\d+[[:alpha:][:digit:][:punct:][:space:]]+$/'. @@ -630,7 +637,7 @@ firewall { '999 this runs last': * `recent`: Enable the recent module. Valid values are: 'set', 'update', 'rcheck', or 'remove'. For example: -```puppet +~~~puppet # If anyone's appeared on the 'badguy' blacklist within # the last 60 seconds, drop their traffic, and update the timestamp. firewall { '100 Drop badguy traffic': @@ -652,7 +659,7 @@ firewall { '101 blacklist strange traffic': action => 'DROP', chain => 'FORWARD', } -``` +~~~ Requires the `recent_limiting` feature. @@ -714,7 +721,7 @@ firewall { '101 blacklist strange traffic': Note that you specify flags in the order that iptables `--list` rules would list them to avoid having Puppet think you changed the flags. For example, 'FIN,SYN,RST,ACK SYN' matches packets with the SYN bit set and the ACK, RST and FIN bits cleared. Such packets are used to request TCP connection initiation. Requires the `tcp_flags` feature. -* `time_contiguous`: When time_stop is smaller than time_start value, match this as a single time period instead distinct intervals. +* `time_contiguous`: When the `time_stop` value is smaller than the `time_start` value, match this as a single time period instead of distinct intervals. * `time_start`: Start time for the rule to match. The possible time range is '00:00:00' to '23:59:59'. Leading zeroes are allowed (e.g. '06:03') and correctly interpreted as base-10. @@ -756,7 +763,7 @@ Currently this type supports only iptables, ip6tables, and ebtables on Linux. It * `ignore`: Regex to perform on firewall rules to exempt unmanaged rules from purging (when enabled). This is matched against the output of iptables-save. This can be a single regex or an array of them. To support flags, use the ruby inline flag mechanism: a regex such as '/foo/i' can be written as '(?i)foo' or '(?i:foo)'. Only when purge is 'true'. Full example: -```puppet +~~~puppet firewallchain { 'INPUT:filter:IPv4': purge => true, ignore => [ @@ -766,7 +773,7 @@ firewallchain { 'INPUT:filter:IPv4': '--comment "[^"](?i:ignore)[^"]"', ], } -``` +~~~ * `name`: Specify the canonical name of the chain. For iptables the format must be {chain}:{table}:{protocol}. @@ -789,11 +796,11 @@ firewallchain { 'INPUT:filter:IPv4': **Note** This `purge` is purging unmanaged rules in a firewall chain, not unmanaged firewall chains. To purge unmanaged firewall chains, use the following instead. -```puppet +~~~puppet resources { 'firewallchain': purge => true } -``` +~~~ ###Fact: ip6tables_version @@ -822,9 +829,14 @@ when the "Unbreakable" kernel is used. These may function correctly when using the stock RedHat kernel instead. Declaring either of these parameters on an unsupported system will result in iptable rules failing to apply. +### Debian 8 Support + +As Puppet Enterprise itself does not yet support Debian 8, use of this module with Puppet Enterprise under a Debian 8 +system should be regarded as experimental. + ###Other -Bugs can be reported using JIRA issues +Bugs can be reported in JIRA: diff --git a/firewall/lib/puppet/provider/firewall/ip6tables.rb b/firewall/lib/puppet/provider/firewall/ip6tables.rb index 1e2f2ed09..2a05dcf69 100644 --- a/firewall/lib/puppet/provider/firewall/ip6tables.rb +++ b/firewall/lib/puppet/provider/firewall/ip6tables.rb @@ -67,6 +67,7 @@ def self.iptables_save(*args) @resource_map = { :burst => "--limit-burst", :checksum_fill => "--checksum-fill", + :clamp_mss_to_pmtu => "--clamp-mss-to-pmtu", :connlimit_above => "-m connlimit --connlimit-above", :connlimit_mask => "--connlimit-mask", :connmark => "-m connmark --mark", @@ -143,6 +144,7 @@ def self.iptables_save(*args) # to true if they exist. @known_booleans = [ :checksum_fill, + :clamp_mss_to_pmtu, :ishasmorefrags, :islastfrag, :isfirstfrag, @@ -215,7 +217,7 @@ def self.iptables_save(*args) :tcp_flags, :uid, :gid, :mac_source, :sport, :dport, :port, :src_type, :dst_type, :socket, :pkttype, :name, :ipsec_dir, :ipsec_policy, :state, :ctstate, :icmp, :hop_limit, :limit, :burst, :recent, :rseconds, :reap, - :rhitcount, :rttl, :rname, :mask, :rsource, :rdest, :ipset, :jump, :gateway, :todest, + :rhitcount, :rttl, :rname, :mask, :rsource, :rdest, :ipset, :jump, :clamp_mss_to_pmtu, :gateway, :todest, :tosource, :toports, :checksum_fill, :log_level, :log_prefix, :reject, :set_mss, :mss, :set_mark, :match_mark, :connlimit_above, :connlimit_mask, :connmark, :time_start, :time_stop, :month_days, :week_days, :date_start, :date_stop, :time_contiguous, :kernel_timezone] diff --git a/firewall/lib/puppet/provider/firewall/iptables.rb b/firewall/lib/puppet/provider/firewall/iptables.rb index 7557ac71a..9c099fee7 100644 --- a/firewall/lib/puppet/provider/firewall/iptables.rb +++ b/firewall/lib/puppet/provider/firewall/iptables.rb @@ -53,6 +53,7 @@ @resource_map = { :burst => "--limit-burst", :checksum_fill => "--checksum-fill", + :clamp_mss_to_pmtu => "--clamp-mss-to-pmtu", :connlimit_above => "-m connlimit --connlimit-above", :connlimit_mask => "--connlimit-mask", :connmark => "-m connmark --mark", @@ -128,6 +129,7 @@ # to true if they exist. @known_booleans = [ :checksum_fill, + :clamp_mss_to_pmtu, :isfragment, :random, :rdest, @@ -240,7 +242,7 @@ def munge_resource_map_from_resource(resource_map_original, compare) :src_range, :dst_range, :tcp_flags, :uid, :gid, :mac_source, :sport, :dport, :port, :src_type, :dst_type, :socket, :pkttype, :name, :ipsec_dir, :ipsec_policy, :state, :ctstate, :icmp, :limit, :burst, :recent, :rseconds, :reap, - :rhitcount, :rttl, :rname, :mask, :rsource, :rdest, :ipset, :jump, :gateway, :set_mss, :todest, + :rhitcount, :rttl, :rname, :mask, :rsource, :rdest, :ipset, :jump, :clamp_mss_to_pmtu, :gateway, :set_mss, :todest, :tosource, :toports, :to, :checksum_fill, :random, :log_prefix, :log_level, :reject, :set_mark, :match_mark, :mss, :connlimit_above, :connlimit_mask, :connmark, :time_start, :time_stop, :month_days, :week_days, :date_start, :date_stop, :time_contiguous, :kernel_timezone ] diff --git a/firewall/lib/puppet/type/firewall.rb b/firewall/lib/puppet/type/firewall.rb index 0994504cb..9af7d3eee 100644 --- a/firewall/lib/puppet/type/firewall.rb +++ b/firewall/lib/puppet/type/firewall.rb @@ -860,6 +860,14 @@ def insync?(is) end end + newproperty(:clamp_mss_to_pmtu, :required_features => :iptables) do + desc <<-EOS + Sets the clamp mss to pmtu flag. + EOS + + newvalues(:true, :false) + end + newproperty(:set_mss, :required_features => :iptables) do desc <<-EOS Sets the TCP MSS value for packets. @@ -1341,8 +1349,8 @@ def insync?(is) end if value(:jump).to_s == "TCPMSS" - unless value(:set_mss) - self.fail "When using jump => TCPMSS, the set_mss property is required" + unless value(:set_mss) || value(:clamp_mss_to_pmtu) + self.fail "When using jump => TCPMSS, the set_mss or clamp_mss_to_pmtu property is required" end end diff --git a/firewall/metadata.json b/firewall/metadata.json index 65099d0f4..da9b29713 100644 --- a/firewall/metadata.json +++ b/firewall/metadata.json @@ -1,6 +1,6 @@ { "name": "puppetlabs-firewall", - "version": "1.5.0", + "version": "1.6.0", "author": "Puppet Labs", "summary": "Manages Firewalls such as iptables", "license": "Apache-2.0", @@ -80,6 +80,6 @@ } ], "dependencies": [ - + ] } diff --git a/firewall/spec/acceptance/firewall_mss_spec.rb b/firewall/spec/acceptance/firewall_mss_spec.rb index 379801550..167c9586e 100644 --- a/firewall/spec/acceptance/firewall_mss_spec.rb +++ b/firewall/spec/acceptance/firewall_mss_spec.rb @@ -7,7 +7,7 @@ shell('ip6tables --flush; ip6tables -t nat --flush; ip6tables -t mangle --flush') end - describe 'set_mss' do + describe 'mss ipv4 tests' do context '1360' do it 'applies' do pp = <<-EOS @@ -33,10 +33,34 @@ class { '::firewall': } end end end + + context 'clamp_mss_to_pmtu' do + it 'applies' do + pp = <<-EOS + class { '::firewall': } + firewall { + '503 - clamp_mss_to_pmtu': + proto => 'tcp', + chain => 'FORWARD', + tcp_flags => 'SYN,RST SYN', + jump => 'TCPMSS', + clamp_mss_to_pmtu => true, + } + EOS + + apply_manifest(pp, :catch_failures => true) + end + + it 'should contain the rule' do + shell('iptables-save') do |r| + expect(r.stdout).to match(/-A FORWARD -p tcp -m tcp --tcp-flags SYN,RST SYN -m comment --comment "503 - clamp_mss_to_pmtu" -j TCPMSS --clamp-mss-to-pmtu/) + end + end + end end if default['platform'] !~ /el-5/ - describe 'set_mss6' do + describe 'mss ipv6 tests' do context '1360' do it 'applies' do pp = <<-EOS @@ -63,6 +87,31 @@ class { '::firewall': } end end end + + context 'clamp_mss_to_pmtu' do + it 'applies' do + pp = <<-EOS + class { '::firewall': } + firewall { + '503 - clamp_mss_to_pmtu': + proto => 'tcp', + chain => 'FORWARD', + tcp_flags => 'SYN,RST SYN', + jump => 'TCPMSS', + clamp_mss_to_pmtu => true, + provider => 'ip6tables', + } + EOS + + apply_manifest(pp, :catch_failures => true) + end + + it 'should contain the rule' do + shell('ip6tables-save') do |r| + expect(r.stdout).to match(/-A FORWARD -p tcp -m tcp --tcp-flags SYN,RST SYN -m comment --comment "503 - clamp_mss_to_pmtu" -j TCPMSS --clamp-mss-to-pmtu/) + end + end + end end end diff --git a/firewall/spec/fixtures/iptables/conversion_hash.rb b/firewall/spec/fixtures/iptables/conversion_hash.rb index 7ccaf48ea..ecd0887fc 100644 --- a/firewall/spec/fixtures/iptables/conversion_hash.rb +++ b/firewall/spec/fixtures/iptables/conversion_hash.rb @@ -554,6 +554,18 @@ :action => 'reject', }, }, + 'clamp_mss_to_pmtu' => { + :line => '-A INPUT -p tcp -m tcp --tcp-flags SYN,RST SYN -m comment --comment "067 change max segment size" -j TCPMSS --clamp-mss-to-pmtu', + :table => 'filter', + :params => { + :name => '067 change max segment size', + :table => 'filter', + :proto => 'tcp', + :tcp_flags => 'SYN,RST SYN', + :jump => 'TCPMSS', + :clamp_mss_to_pmtu => true, + }, + }, } # This hash is for testing converting a hash to an argument line. @@ -1069,4 +1081,15 @@ }, :args => ["-t", :filter, "-p", :tcp, "-m", "comment", "--comment", "066 REJECT connlimit_above 10 with mask 32 and mark matches", "-j", "REJECT", "-m", "mark", "--mark", "0x1", "-m", "connlimit", "--connlimit-above", "10", "--connlimit-mask", "32"], }, + 'clamp_mss_to_pmtu' => { + :params => { + :name => '067 change max segment size', + :table => 'filter', + :proto => 'tcp', + :tcp_flags => 'SYN,RST SYN', + :jump => 'TCPMSS', + :clamp_mss_to_pmtu => true, + }, + :args => ["-t", :filter, "-p", :tcp, "-m", "tcp", "--tcp-flags", "SYN,RST", "SYN", "-m", "comment", "--comment", "067 change max segment size", "-j", "TCPMSS", "--clamp-mss-to-pmtu"], + }, } diff --git a/galera/README.md b/galera/README.md index c07953245..33da7f111 100644 --- a/galera/README.md +++ b/galera/README.md @@ -8,16 +8,9 @@ It depends on the mysql module from puppetlabs as well as xinetd. ### galera::server - Used to deploy and manage a MariaDB Galera server cluster. Installs - mariadb-galera-server and galera packages, configures galera.cnf and - starts mysqld service: + Used to configure a MariaDB Galera server cluster. class { 'galera::server': - config_hash => { - bind_address => '0.0.0.0', - default_engine => 'InnoDB', - root_password => 'root_pass', - }, wsrep_cluster_name => 'galera_cluster', wsrep_sst_method => 'rsync' wsrep_sst_username => 'ChangeMe', diff --git a/galera/manifests/monitor.pp b/galera/manifests/monitor.pp index ec038697a..cfef0c230 100644 --- a/galera/manifests/monitor.pp +++ b/galera/manifests/monitor.pp @@ -84,7 +84,7 @@ mysql_user { "${mysql_username}@${mysql_host}": ensure => present, password_hash => mysql_password($mysql_password), - require => [File['/root/.my.cnf'],Service['galera']], + require => [File['/root/.my.cnf'],Service['mysqld']], } } } diff --git a/galera/manifests/server.pp b/galera/manifests/server.pp index ca20bbede..f4f630efe 100644 --- a/galera/manifests/server.pp +++ b/galera/manifests/server.pp @@ -5,9 +5,6 @@ # # === Parameters: # -# [*mysql_server_hash*] -# Hash of mysql server parameters. -# # [*bootstrap*] # Defaults to false, boolean to set cluster boostrap. # @@ -17,21 +14,6 @@ # [*package_ensure*] # Ensure state for package. Can be specified as version. # -# [*service_name*] -# The name of the galera service. -# -# [*service_enable*] -# Defaults to true, boolean to set service enable. -# -# [*service_ensure*] -# Defaults to running, needed to set root password. -# -# [*service_provider*] -# What service provider to use. -# -# [*wsrep_bind_address*] -# Address to bind galera service. -# # [*wsrep_node_address*] # Address of local galera node. # @@ -64,8 +46,34 @@ # # [*debug*] # +# [*wsrep_bind_address*] +# Address to bind galera service. +# Deprecated, please use ::mysql::server class. +# +# [*mysql_server_hash*] +# Hash of mysql server parameters. +# Deprecated, please use ::mysql::server class. +# +# # [*manage_service*] # State of the service. +# Deprecated, please use ::mysql::server class. +# +# [*service_name*] +# The name of the galera service. +# Deprecated, please use ::mysql::server class. +# +# [*service_enable*] +# Defaults to true, boolean to set service enable. +# Deprecated, please use ::mysql::server class. +# +# [*service_ensure*] +# Defaults to running, needed to set root password. +# Deprecated, please use ::mysql::server class. +# +# [*service_provider*] +# What service provider to use. +# Deprecated, please use ::mysql::server class. # # === Actions: # @@ -73,11 +81,6 @@ # # === Sample Usage: # class { 'galera::server': -# config_hash => { -# bind_address => '0.0.0.0', -# default_engine => 'InnoDB', -# root_password => 'root_pass', -# }, # wsrep_cluster_name => 'galera_cluster', # wsrep_sst_method => 'rsync' # wsrep_sst_username => 'ChangeMe', @@ -85,14 +88,8 @@ # } # class galera::server ( - $mysql_server_hash = {}, $bootstrap = false, $debug = false, - $service_name = 'mariadb', - $service_enable = true, - $service_ensure = 'running', - $manage_service = false, - $wsrep_bind_address = '0.0.0.0', $wsrep_node_address = undef, $wsrep_provider = '/usr/lib64/galera/libgalera_smm.so', $wsrep_cluster_name = 'galera_cluster', @@ -103,11 +100,26 @@ $wsrep_ssl = false, $wsrep_ssl_key = undef, $wsrep_ssl_cert = undef, + $create_mysql_resource = true, + # DEPRECATED OPTIONS + $mysql_server_hash = {}, + $wsrep_bind_address = '0.0.0.0', + $manage_service = false, + $service_name = 'mariadb', + $service_enable = true, + $service_ensure = 'running', ) { + if $create_mysql_resource { + warning("DEPRECATED: ::mysql::server should be called manually, please set create_mysql_resource to false and call class ::mysql::server with your config") - $mysql_server_class = { 'mysql::server' => $mysql_server_hash } + $mysql_server_class = { 'mysql::server' => $mysql_server_hash } - create_resources( 'class', $mysql_server_class ) + create_resources( 'class', $mysql_server_class ) + } + + if $wsrep_bind_address { + warning("DEPRECATED: wsrep_bind_address is deprecated, you should use bind_address of mysql module") + } $wsrep_provider_options = wsrep_options({ 'socket.ssl' => $wsrep_ssl, @@ -123,10 +135,11 @@ owner => 'root', group => 'root', content => template('galera/wsrep.cnf.erb'), - notify => Service[$service_name], + notify => Service['mysqld'], } if $manage_service { + warning("DEPRECATED: service setup is deprecated, you should use mysql module for this.") service { 'galera': ensure => $service_ensure, name => $service_name, diff --git a/glance/manifests/registry.pp b/glance/manifests/registry.pp index b30d7f565..00fd78ac4 100644 --- a/glance/manifests/registry.pp +++ b/glance/manifests/registry.pp @@ -356,25 +356,27 @@ '/etc/glance/glance-registry-paste.ini']: } + if $sync_db { + Exec['glance-manage db_sync'] ~> Service['glance-registry'] + + exec { 'glance-manage db_sync': + command => $::glance::params::db_sync_command, + path => '/usr/bin', + user => 'glance', + refreshonly => true, + logoutput => on_failure, + subscribe => [Package[$glance::params::registry_package_name], File['/etc/glance/glance-registry.conf']], + } + } if $manage_service { if $enabled { - if $sync_db { - Exec['glance-manage db_sync'] ~> Service['glance-registry'] - - exec { 'glance-manage db_sync': - command => $::glance::params::db_sync_command, - path => '/usr/bin', - user => 'glance', - refreshonly => true, - logoutput => on_failure, - subscribe => [Package[$glance::params::registry_package_name], File['/etc/glance/glance-registry.conf']], - } - } $service_ensure = 'running' } else { $service_ensure = 'stopped' } + } else { + warning('Execution of db_sync does not depend on $manage_service or $enabled anymore. Please use sync_db instead.') } service { 'glance-registry': diff --git a/glance/spec/classes/glance_registry_spec.rb b/glance/spec/classes/glance_registry_spec.rb index 615ffa2c0..9f956dfcf 100644 --- a/glance/spec/classes/glance_registry_spec.rb +++ b/glance/spec/classes/glance_registry_spec.rb @@ -74,9 +74,9 @@ 'require' => 'Class[Glance]' )} - it 'is_expected.to only sync the db if the service is enabled' do + it 'is_expected.to only sync the db if sync_db is enabled' do - if param_hash[:enabled] and param_hash[:sync_db] + if param_hash[:sync_db] is_expected.to contain_exec('glance-manage db_sync').with( 'path' => '/usr/bin', 'command' => 'glance-manage --config-file=/etc/glance/glance-registry.conf db_sync', @@ -89,7 +89,7 @@ end it 'is_expected.to not sync the db if sync_db is set to false' do - if param_hash[:enabled] and !param_hash[:sync_db] + if !param_hash[:sync_db] is_expected.not_to contain_exec('glance-manage db_sync') end end diff --git a/haproxy/.travis.yml b/haproxy/.travis.yml index 52e0871be..cbf6f11df 100644 --- a/haproxy/.travis.yml +++ b/haproxy/.travis.yml @@ -14,9 +14,14 @@ matrix: env: PUPPET_GEM_VERSION="~> 3.0" - rvm: 2.1.5 env: PUPPET_GEM_VERSION="~> 3.0" FUTURE_PARSER="yes" + - rvm: 2.1.6 + env: PUPPET_GEM_VERSION="~> 4.0" STRICT_VARIABLES="yes" - rvm: 1.8.7 env: PUPPET_GEM_VERSION="~> 2.7.0" FACTER_GEM_VERSION="~> 1.6.0" - rvm: 1.8.7 env: PUPPET_GEM_VERSION="~> 2.7.0" FACTER_GEM_VERSION="~> 1.7.0" + allow_failures: + - rvm: 2.1.6 + env: PUPPET_GEM_VERSION="~> 4.0" STRICT_VARIABLES="yes" notifications: email: false diff --git a/haproxy/README.md b/haproxy/README.md index 9cd355750..54052f3c9 100644 --- a/haproxy/README.md +++ b/haproxy/README.md @@ -1,7 +1,5 @@ #haproxy -[![Build Status](https://travis-ci.org/puppetlabs/puppetlabs-haproxy.svg?branch=master)](https://travis-ci.org/puppetlabs/puppetlabs-haproxy) - ####Table of Contents 1. [Overview](#overview) @@ -9,41 +7,32 @@ 3. [Setup - The basics of getting started with haproxy](#setup) * [Beginning with haproxy](#beginning-with-haproxy) 4. [Usage - Configuration options and additional functionality](#usage) - * [Configuring haproxy options](#configuring-haproxy-options) - * [Configuring an HAProxy daemon listener](#configuring-haproxy-daemon-listener) - * [Configuring HAProxy load-balanced member nodes](#configuring-haproxy-loadbalanced-member-nodes) - * [Configuring a load balancer with exported resources](#configuring-a-load-balancer-with-exported-resources) - * [Classes and Defined Types](#classes-and-defined-types) - * [Class: haproxy](#class-haproxy) - * [Defined Type: haproxy::balancermember](#defined-type-haproxybalancermember) - * [Defined Type: haproxy::backend](#defined-type-haproxybackend) - * [Defined type: haproxy::frontend](#defined-type-haproxyfrontend) - * [Defined type: haproxy::listen](#defined-type-haproxylisten) - * [Defined Type: haproxy::userlist](#define-type-haproxyuserlist) - * [Defined Type: haproxy::peers](#define-type-haproxypeers) - * [Defined Type: haproxy::peer](#define-type-haproxypeer) + * [Configure HAProxy options](#configure-haproxy-options) + * [Configure HAProxy daemon listener](#configure-haproxy-daemon-listener) + * [Configure multi-network daemon listener](#configure-multi-network-daemon-listener) + * [Configure HAProxy load-balanced member nodes](#configure-haproxy-load-balanced-member-nodes) + * [Configure a load balancer with exported resources](#configure-a-load-balancer-with-exported-resources) + * [Set up a frontend service](#set-up-a-frontend-service) + * [Set up a backend service](#set-up-a-backend-service) 5. [Reference - An under-the-hood peek at what the module is doing and how](#reference) - * [Public classes and defined types](#public-classes-and-defined-types) - * [Private classes and defined types](#private-classes-and-defined-types) -5. [Limitations - OS compatibility, etc.](#limitations) -6. [Development - Guide for contributing to the module](#development) +6. [Limitations - OS compatibility, etc.](#limitations) +7. [Development - Guide for contributing to the module](#development) ##Overview -The haproxy module provides the ability to install, configure, and manage HAProxy. +The haproxy module lets you use Puppet to install, configure, and manage HAProxy. ##Module Description -HAProxy is a daemon for load-balancing and proxying TCP and HTTP-based services. -This module configures proxy servers and manages the configuration of backend member servers. +HAProxy is a daemon for load-balancing and proxying TCP- and HTTP-based services. This module lets you use Puppet to configure HAProxy servers and backend member servers. ##Setup ###Beginning with haproxy -The quickest way to get up and running using the haproxy module is to install and configure a basic HAProxy server that is listening on port 8140 and balanced against two nodes. +The quickest way to get up and running using the haproxy module is to install and configure a basic HAProxy server that is listening on port 8140 and balanced against two nodes: -```puppet +~~~puppet node 'haproxy-server' { class { 'haproxy': } haproxy::listen { 'puppet00': @@ -66,15 +55,15 @@ node 'haproxy-server' { options => 'check', } } -``` +~~~ ##Usage -###Configuring haproxy options +###Configure HAProxy options -The main [`haproxy` class](#class-haproxy) has many options for configuring your HAProxy server. +The main [`haproxy` class](#class-haproxy) has many options for configuring your HAProxy server: -```puppet +~~~puppet class { 'haproxy': global_options => { 'log' => "${::ipaddress} local0", @@ -102,14 +91,13 @@ class { 'haproxy': 'maxconn' => '8000', }, } -``` - -###Configuring HAProxy daemon listener +~~~ +###Configure HAProxy daemon listener To export the resource for a balancermember and collect it on a single HAProxy load balancer server: -```puppet +~~~puppet haproxy::listen { 'puppet00': ipaddress => $::ipaddress, ports => '18140', @@ -122,12 +110,13 @@ haproxy::listen { 'puppet00': 'balance' => 'roundrobin', }, } -``` -###Configuring multi-network daemon listener +~~~ + +###Configure multi-network daemon listener -One might have more advanced needs for the listen block, then use the `$bind` parameter: +If you need a more complex configuration for the listen block, use the `$bind` parameter: -```puppet +~~~puppet haproxy::listen { 'puppet00': mode => 'tcp', options => { @@ -144,14 +133,15 @@ haproxy::listen { 'puppet00': ':8443,:8444' => ['ssl', 'crt', 'internal.puppetlabs.com'] }, } -``` -Note: `$ports` or `$ipaddress` and `$bind` are mutually exclusive +~~~ -###Configuring HAProxy load-balanced member nodes +**Note:** `$ports` and `$ipaddress` cannot be used in combination with `$bind`. -First, export the resource for a balancer member. +###Configure HAProxy load-balanced member nodes -```puppet +First export the resource for a balancermember: + +~~~puppet @@haproxy::balancermember { 'haproxy': listening_service => 'puppet00', ports => '8140', @@ -159,17 +149,17 @@ First, export the resource for a balancer member. ipaddresses => $::ipaddress, options => 'check', } -``` +~~~ -Then, collect the resource on a load balancer. +Then collect the resource on a load balancer: -```puppet +~~~puppet Haproxy::Balancermember <<| listening_service == 'puppet00' |>> -``` +~~~ -Then, create the resource for multiple balancer members at once (this assumes a single-pass installation of HAProxy without requiring a first pass to export the resources, and is intended for situations where you know the members in advance). +Then create the resource for multiple balancermembers at once: -```puppet +~~~puppet haproxy::balancermember { 'haproxy': listening_service => 'puppet00', ports => '8140', @@ -177,12 +167,15 @@ haproxy::balancermember { 'haproxy': ipaddresses => ['192.168.56.200', '192.168.56.201'], options => 'check', } -``` -###Configuring a load balancer with exported resources +~~~ + +This example assumes a single-pass installation of HAProxy where you know the members in advance. Otherwise, you'd need a first pass to export the resources. -Install and configure an HAProxy server listening on port 8140 and balanced against all collected nodes. This HAProxy uses storeconfigs to collect and realize balancermember servers on a load balancer server. +###Configure a load balancer with exported resources -```puppet +Install and configure an HAProxy service listening on port 8140 and balanced against all collected nodes: + +~~~puppet node 'haproxy-server' { class { 'haproxy': } haproxy::listen { 'puppet00': @@ -200,140 +193,221 @@ node /^master\d+/ { options => 'check', } } -``` +~~~ -The resulting HAProxy server will automatically collect configurations from backend servers. The backend nodes will export their HAProxy configurations to the puppet master which will then distribute them to the HAProxy server. +The resulting HAProxy service uses storeconfigs to collect and realize balancermember servers, and automatically collects configurations from backend servers. The backend nodes export their HAProxy configurations to the Puppet master, which then distributes them to the HAProxy server. -###Classes and Defined Types +###Set up a frontend service -####Class: `haproxy` +This example routes traffic from port 8140 to all balancermembers added to a backend with the title 'puppet_backend00': -This is the main class of the module, guiding the installation and configuration of at least one HAProxy server. +~~~puppet +haproxy::frontend { 'puppet00': + ipaddress => $::ipaddress, + ports => '18140', + mode => 'tcp', + bind_options => 'accept-proxy', + options => { + 'default_backend' => 'puppet_backend00', + 'timeout client' => '30', + 'option' => [ + 'tcplog', + 'accept-invalid-http-request', + ], + }, +} +~~~ -**Parameters:** +If option order is important, pass an array of hashes to the `options` parameter: -#####`custom_fragment` -Allows arbitrary HAProxy configuration to be passed through to support additional configuration not otherwise available via parameters. Also allows arbitrary HAPRoxy configuration to short-circuit defined resources, such as `haproxy::listen`. Accepts a string (e.g. output from the template() function). Defaults to 'undef'. +~~~puppet +haproxy::frontend { 'puppet00': + ipaddress => $::ipaddress, + ports => '18140', + mode => 'tcp', + bind_options => 'accept-proxy', + options => [ + { 'default_backend' => 'puppet_backend00' }, + { 'timeout client' => '30' }, + { 'option' => [ + 'tcplog', + 'accept-invalid-http-request', + ], + } + ], +} +~~~ -#####`defaults_options` -All the default haproxy options, displayed in a hash. If you want to specify more than one option (i.e. multiple timeout or stats options), pass those options as an array and you will get a line for each of them in the resulting haproxy.cfg file. +This adds the frontend options to the configuration block in the same order as they appear within your array. -#####`global_options` -All the haproxy global options, displayed in a hash. If you want to specify more than one option (i.e. multiple timeout or stats options), pass those options as an array and you will get a line for each of them in the resulting haproxy.cfg file. +###Set up a backend service -#####`package_ensure` -Determines whether the HAProxy package should be installed or uninstalled. Defaults to 'present'. +~~~puppet +haproxy::backend { 'puppet00': + options => { + 'option' => [ + 'tcplog', + 'ssl-hello-chk', + ], + 'balance' => 'roundrobin', + }, +} +~~~ -#####`package_name` -Sets the HAProxy package name. Defaults to 'haproxy'. +If option order is important, pass an array of hashes to the `options` parameter: -#####`restart_command` -Specifies the command to use when restarting the service upon config changes. Passed directly as the restart parameter to the service resource. Defaults to 'undef', i.e. whatever the service default is. +~~~puppet +haproxy::backend { 'puppet00': + options => [ + { 'option' => [ + 'tcplog', + 'ssl-hello-chk', + ] + }, + { 'balance' => 'roundrobin' }, + { 'cookie' => 'C00 insert' }, + ], +} +~~~ -#####`service_ensure` -Determines whether the HAProxy service should be running & enabled at boot, or stopped and disabled at boot. Defaults to 'running'. +This adds the backend options to the configuration block in the same order as they appear within the array. -#####`service_manage` -Specifies whether the HAProxy service state should be managed by Puppet. Defaults to 'true'. +##Reference -####Defined Type: `haproxy::balancermember` +###Classes -This type will set up a balancermember inside a listening or backend service configuration block in /etc/haproxy/haproxy.cfg on the load balancer. Currently, it has the ability to specify the instance name, ip address, port, and whether or not it is a backup. +####Public classes -Automatic discovery of balancermember nodes may be implemented by exporting the balancermember resource for all HAProxy balancer member servers and then collecting them on the main HAProxy load balancer. +* [`haproxy`](#class-haproxy): Main configuration class. -**Parameters:** +####Private classes -#####`define_cookies` -Determines whether 'cookie SERVERID' stickiness options are added. Defaults to 'false'. +* `haproxy::params`: Sets parameter defaults per operating system. +* `haproxy::install`: Installs packages. +* `haproxy::config`: Configures haproxy.cfg. +* `haproxy::service`: Manages the haproxy service. -#####`ensure` -Determines whether the balancermember should be present or absent. Defaults to 'present'. +###Defines -#####`ipaddresses` -Specifies the IP address used to contact the balancer member server. Can be an array. If this parameter is specified as an array it must be the same length as the [`server\_names`](#server_names) parameter's array. A balancermember is created for each pair of addresses. These pairs will be multiplied, and additional balancermembers created, based on the number of `ports` specified. +####Public defines -#####`listening_service` -Sets the HAProxy service's instance name (or the title of the `haproxy::listen` resource). This must match a declared `haproxy::listen` resource. +* [`haproxy::listen`](#define-haproxylisten): Creates a listen entry in haproxy.cfg. +* [`haproxy::frontend`](#define-haproxyfrontend): Creates a frontend entry in haproxy.cfg. +* [`haproxy::backend`](#define-haproxybackend): Creates a backend entry in haproxy.cfg. +* [`haproxy::balancermember`](#define-haproxybalancermember): Creates server entries for listen or backend blocks in haproxy.cfg. +* [`haproxy::userlist`](#define-haproxyuserlist): Creates a userlist entry in haproxy.cfg. +* [`haproxy::peers`](#define-haproxypeers): Creates a peers entry in haproxy.cfg. +* [`haproxy::peer`](#define-haproxypeer): Creates server entries within a peers entry in haproxy.cfg. -#####`name` -Specifies the title of the resource. The `name` is arbitrary and only utilized in the concat fragment name. +####Private defines -#####`options` -An array of options to be specified after the server declaration in the listening service's configuration block. +* `haproxy::balancermember::collect_exported`: Collects exported balancermembers. +* `haproxy::peer::collect_exported`: Collects exported peers. -#####`ports` -Sets the ports on which the balancer member will accept connections from the load balancer. If ports are specified, it must be an array. If you use an array in `server\_names` and `ipaddresses`, the number of ports specified will multiply the number of balancermembers formed from the IP address and server name pairs. If no port is specified, the balancermember will receive the traffic on the same port the frontend receive it (Very useful if used with a frontend with multiple bind ports). +#### Class: `haproxy` -#####`server_names` -Sets the name of the balancermember server in the listening service's configuration block. Defaults to the hostname. Can be an array. If this parameter is specified as an array, it must be the same length as the [`ipaddresses`](#ipaddresses) parameter's array. A balancermember is created for each pair of `server\_names` and `ipaddresses` in the array.hese pairs will be multiplied, and additional balancermembers created, based on the number of `ports` specified. +Main class, includes all other classes. -####Defined Type: `haproxy::backend` +##### Parameters (all optional) -This type sets up a backend service configuration block inside the haproxy.cfg file on an HAProxy load balancer. Each backend service needs one or more load balancer member servers (declared with the [`haproxy::balancermember`](#defined-type-balancermember) defined type). +* `custom_fragment`: Inserts an arbitrary string into the configuration file. Useful for configurations not available through other parameters. Valid options: a string (e.g., output from the template() function). Default: undef. -Using storeconfigs, you can export the `haproxy::balancermember` resources on all load balancer member servers and collect them on a single HAProxy load balancer server. +* `defaults_options`: Configures all the default HAProxy options at once. Valid options: a hash of `option => value` pairs. To set an option multiple times (e.g. multiple 'timeout' or 'stats' values) pass its value as an array. Each element in your array results in a separate instance of the option, on a separate line in haproxy.cfg. Default: -**Parameters** +~~~puppet +{ + 'log' => 'global', + 'stats' => 'enable', + 'option' => 'redispatch', + 'retries' => '3', + 'timeout' => [ + 'http-request 10s', + 'queue 1m', + 'connect 10s', + 'client 1m', + 'server 1m', + 'check 10s', + ], + 'maxconn' => '8000' +} +~~~ + +* `global_options`: Configures all the global HAProxy options at once. Valid options: a hash of `option => value` pairs. To set an option multiple times (e.g. multiple 'timeout' or 'stats' values) pass its value as an array. Each element in your array results in a separate instance of the option, on a separate line in haproxy.cfg. Default: + +~~~puppet +{ + 'log' => "${::ipaddress} local0", + 'chroot' => '/var/lib/haproxy', + 'pidfile' => '/var/run/haproxy.pid', + 'maxconn' => '4000', + 'user' => 'haproxy', + 'group' => 'haproxy', + 'daemon' => '', + 'stats' => 'socket /var/lib/haproxy/stats' +} +~~~ -#####`name` -Sets the backend service's name. Generally, it will be the namevar of the defined resource type. This value appears right after the 'backend' statement in haproxy.cfg +* `package_ensure`: Specifies whether the HAProxy package should exist. Defaults to 'present'. Valid options: 'present' and 'absent'. Default: 'present'. -#####`options` -A hash or array of options that are inserted into the backend service configuration block. If you need to control exactly the order in which these options will appear in the backend service configuration block supply the options as an array of hashes, where each hash has one key-value pair that represents the option and its value. +* `package_name`: Specifies the name of the HAProxy package. Valid options: a string. Default: 'haproxy'. -#####`collect_exported` -Enables exported resources from `haproxy::balancermember` to be collected, serving as a form of autodiscovery. Displays as a Boolean and defaults to 'true'. +* `restart_command`: Specifies a command that Puppet can use to restart the service after configuration changes. Passed directly as the `restart` parameter to Puppet's native [`service` resource](https://docs.puppetlabs.com/references/latest/type.html#service). Valid options: a string. Default: undef (if not specified, Puppet uses the `service` default). -The 'true' value means exported balancermember resources, for the case when every balancermember node exports itself, will be collected. Whereas, 'false' means the existing declared balancermember resources will be relied on; this is meant for cases when you know the full set of balancermembers in advance and use `haproxy::balancermember` with array arguments, allowing you to deploy everything in a single run. +* `service_ensure`: Specifies whether the HAProxy service should be enabled at boot and running, or disabled at boot and stopped. Valid options: 'running' and 'stopped'. Default: 'running'. -#####Example +* `service_manage`: Specifies whether the state of the HAProxy service should be managed by Puppet. Valid options: 'true' and 'false'. Default: 'true'. -To export the resource for a backend service member, +#### Define: `haproxy::balancermember` -```puppet -haproxy::backend { 'puppet00': - options => { - 'option' => [ - 'tcplog', - 'ssl-hello-chk', - ], - 'balance' => 'roundrobin', - }, -} -``` +Configures a service inside a listening or backend service configuration block in haproxy.cfg. -If option order is important use an array of hashes for the `options` parameter to have the backend options appear in the resulting backend configuration block in the exact order in which they are specified in Puppet: +##### Parameters -```puppet -haproxy::backend { 'puppet00': - options => [ - { 'option' => [ - 'tcplog', - 'ssl-hello-chk', - ] - }, - { 'balance' => 'roundrobin' }, - { 'cookie' => 'C00 insert' }, - ], -} -``` +* `define_cookies`: *Optional.* Specifies whether to add 'cookie SERVERID' stickiness options. Valid options: 'true' and 'false'. Default: 'false'. + +* `ensure`: Specifies whether the balancermember should be listed in haproxy.cfg. Valid options: 'present' and 'absent'. Default: 'present'. + +* `ipaddresses`: *Optional.* Specifies the IP address used to contact the balancermember service. Valid options: a string or an array. If you pass an array, it must contain the same number of elements as the array you pass to the `server_names` parameter. For each pair of entries in the `ipaddresses` and `server_names` arrays, Puppet creates server entries in haproxy.cfg targeting each port specified in the `ports` parameter. Default: the value of the `$::ipaddress` fact. + +* `listening_service`: *Required.* Associates the balancermember with an `haproxy::listen` resource. Valid options: a string matching the title of a declared `haproxy::listen` resource. + +* `options`: *Optional.* Adds one or more options to the listening service's configuration block in haproxy.cfg, following the server declaration. Valid options: a string or an array. Default: ''. + +* `ports`: *Optional.* Specifies one or more ports on which the load balancer sends connections to balancermembers. Valid options: an array. Default: undef. If no port is specified, the load balancer forwards traffic on the same port as received on the frontend. + +* `server_names`: *Required unless `collect_exported` is set to `true`.* Sets the name of the balancermember service in the listening service's configuration block in haproxy.cfg. Valid options: a string or an array. If you pass an array, it must contain the same number of elements as the array you pass to the `ipaddresses` parameter. For each pair of entries in the `ipaddresses` and `server_names` arrays, Puppet creates server entries in haproxy.cfg targeting each port specified in the `ports` parameter. Default: the value of the `$::hostname` fact. + +#### Define: `haproxy::backend` -####Defined type: `haproxy::frontend` +Sets up a backend service configuration block inside haproxy.cfg. Each backend service needs one or more balancermember services (declared with the [`haproxy::balancermember` define](#define-haproxybalancermember)). -This type sets up a frontend service configuration block in haproxy.cfg. The HAProxy daemon uses the directives in the .cfg file to determine which ports/IPs to listen on and route traffic on those ports/IPs to specified balancermembers. +##### Parameters -**Parameters** +* `collect_exported`: *Optional.* Specifies whether to collect resources exported by other nodes. This serves as a form of autodiscovery. Valid options: 'true' and 'false'. If set to 'false', Puppet only manages balancermembers that you specify through the `haproxy::balancermembers` define. Default: 'true'. -#####`bind_options` -Lists an array of options to be specified after the bind declaration in the bind's configuration block. **Deprecated**: This parameter is being deprecated in favor of $bind +* `name`: *Optional.* Supplies a name for the backend service. This value appears right after the 'backend' statement in haproxy.cfg. Valid options: a string. Default: the title of your declared resource. -#####`bind` -A hash of listening addresses/ports, and a list of parameters that make up the listen service's `bind` lines. This is the most flexible way to configure listening services in a frontend or listen directive. See http://cbonte.github.io/haproxy-dconv/configuration-1.5.html#4.2-bind for details. +* `options`: *Optional.* Adds one or more options to the backend service's configuration block in haproxy.cfg. Valid options: a hash or an array. To control the ordering of these options within the configuration block, supply an array of hashes where each hash contains one 'option => value' pair. Default: -The hash keys represent the listening address and port, such as `192.168.122.1:80`, `10.1.1.1:8900-9000`, `:80,:8080` or `/var/run/haproxy-frontend.sock` and the key's value is an array of bind options for that listening address, such as `[ 'ssl', 'crt /etc/ssl/puppetlabs.com.crt', 'no-sslv3' ]`. Example: +~~~puppet +{ + 'option' => [ + 'tcplog', + 'ssl-hello-chk' + ], + 'balance' => 'roundrobin' +} +~~~ + +#### Define: `haproxy::frontend` -```puppet +Sets up a backend service configuration block inside haproxy.cfg. Each backend service needs one or more balancermember services (declared with the [`haproxy::balancermember` define](#define-haproxybalancermember)). + +##### Parameters + +* `bind`: *Required unless `ports` and `ipaddress` are specified.* Adds one or more bind lines to the frontend service's configuration block in haproxy.cfg. Valid options: a hash of `'address:port' => [parameters]` pairs, where the key is a comma-delimited list of one or more listening addresses and ports passed as a string, and the value is an array of bind options. For example: + +~~~puppet bind => { '168.12.12.12:80' => [], '192.168.1.10:8080,192.168.1.10:8081' => [], @@ -341,81 +415,39 @@ bind => { ':8443,:8444' => ['ssl', 'crt', 'internal.puppetlabs.com'], '/var/run/haproxy-frontend.sock' => [ 'user root', 'mode 600', 'accept-proxy' ], } -``` - -#####`ipaddress` -Specifies the IP address the proxy binds to. No value, '\*', and '0.0.0.0' mean that the proxy listens to all valid addresses on the system. +~~~ -#####`mode` -Sets the mode of operation for the frontend service. Valid values are 'undef', 'tcp', 'http', and 'health'. +For more information, see the [HAProxy Configuration Manual](http://cbonte.github.io/haproxy-dconv/configuration-1.5.html#4.2-bind). -#####`name` -Sets the frontend service's name. Generally, it will be the namevar of the defined resource type. This value appears right after the 'fronted' statement in haproxy.cfg. +* `bind_options`: Deprecated. This setting has never functioned in any version of the haproxy module. Use `bind` instead. -#####`options` -A hash or array of options that are inserted into the backend service configuration block. If you need to control exactly the order in which these options will appear in the backend service configuration block supply the options as an array of hashes, where each hash has one key-value pair that represents the option and its value. See Example section right below. +* `ipaddress`: *Required unless `bind` is specified.* Specifies an IP address for the proxy to bind to. Valid options: a string. If left unassigned or set to '*' or '0.0.0.0', the proxy listens to all valid addresses on the system. -#####`ports` -Sets the ports to listen on for the address specified in `ipaddress`. Accepts a single, comma-separated string or an array of strings, which may be ports or hyphenated port ranges. +* `mode`: *Optional.* Sets the mode of operation for the frontend service. Valid options: 'tcp', 'http', and 'health'. Default: undef. -#####Example +* `name`: *Optional.* Supplies a name for the frontend service. This value appears right after the 'frontend' statement in haproxy.cfg. Valid options: a string. Default: the title of your declared resource. -To route traffic from port 8140 to all balancermembers added to a backend with the title 'puppet_backend00', +* `options`: *Optional.* Adds one or more options to the frontend service's configuration block in haproxy.cfg. Valid options: a hash or an array. To control the ordering of these options within the configuration block, supply an array of hashes where each hash contains one 'option => value' pair. Default: -```puppet -haproxy::frontend { 'puppet00': - ipaddress => $::ipaddress, - ports => '18140', - mode => 'tcp', - bind_options => 'accept-proxy', - options => { - 'default_backend' => 'puppet_backend00', - 'timeout client' => '30', - 'option' => [ +~~~puppet +{ + 'option' => [ 'tcplog', - 'accept-invalid-http-request', ], - }, } -``` +~~~ -If option order is important use an array of hashes for the `options` parameter to have the frontend options appear in the resulting frontned configuration block in the exact order in which they are specified in Puppet: +* `ports`: *Required unless `bind` is specified.* Specifies which ports to listen on for the address specified in `ipaddress`. Valid options: an array of port numbers and/or port ranges or a string containing a comma-delimited list of port numbers/ranges. -```puppet -haproxy::frontend { 'puppet00': - ipaddress => $::ipaddress, - ports => '18140', - mode => 'tcp', - bind_options => 'accept-proxy', - options => [ - { 'default_backend' => 'puppet_backend00' }, - { 'timeout client' => '30' }, - { 'option' => [ - 'tcplog', - 'accept-invalid-http-request', - ], - } - ], -} -``` - -####Defined type: `haproxy::listen` - -This type sets up a listening service configuration block inside the haproxy.cfg file on an HAProxy load balancer. Each listening service configuration needs one or more load balancer member server (declared with the [`haproxy::balancermember`](#defined-type-balancermember) defined type). +#### Define: `haproxy::listen` -Using storeconfigs, you can export the `haproxy::balancermember` resources on all load balancer member servers and collect them on a single HAProxy load balancer server. +Sets up a listening service configuration block inside haproxy.cfg. Each listening service configuration needs one or more balancermember services (declared with the [`haproxy::balancermember` define](#define-haproxybalancermember)). -**Parameters:** +##### Parameters -#####`bind_options` -Sets the options to be specified after the bind declaration in the listening service's configuration block. Displays as an array. **Deprecated**: This parameter is being deprecated in favor of $bind +* `bind`: *Required unless `ports` and `ipaddress` are specified.* Adds one or more bind options to the listening service's configuration block in haproxy.cfg. Valid options: a hash of `'address:port' => [parameters]` pairs, where the key is a comma-delimited list of one or more listening addresses and ports passed as a string, and the value is an array of bind options. For example: -#####`bind` -A hash of listening addresses/ports, and a list of parameters that make up the listen service's `bind` lines. This is the most flexible way to configure listening services in a frontend or listen directive. See http://cbonte.github.io/haproxy-dconv/configuration-1.5.html#4.2-bind for details. - -The hash keys represent the listening address and port, such as `192.168.122.1:80`, `10.1.1.1:8900-9000`, `:80,:8080` or `/var/run/haproxy-frontend.sock` and the key's value is an array of bind options for that listening address, such as `[ 'ssl', 'crt /etc/ssl/puppetlabs.com.crt', 'no-sslv3' ]`. Example: - -```puppet +~~~puppet bind => { '168.12.12.12:80' => [], '192.168.1.10:8080,192.168.1.10:8081' => [], @@ -423,109 +455,78 @@ bind => { ':8443,:8444' => ['ssl', 'crt', 'internal.puppetlabs.com'], '/var/run/haproxy-frontend.sock' => [ 'user root', 'mode 600', 'accept-proxy' ], } -``` - -#####`collect_exported` -Enables exported resources from `haproxy::balancermember` to be collected, serving as a form of autodiscovery. Displays as a Boolean and defaults to 'true'. - -The 'true' value means exported balancermember resources, for the case when every balancermember node exports itself, will be collected. Whereas, 'false' means the existing declared balancermember resources will be relied on; this is meant for cases when you know the full set of balancermembers in advance and use `haproxy::balancermember` with array arguments, allowing you to deploy everything in a single run. +~~~ -#####`ipaddress` -Specifies the IP address the proxy binds to. No value, '\*', and '0.0.0.0' mean that the proxy listens to all valid addresses on the system. +For more information, see the [HAProxy Configuration Manual](http://cbonte.github.io/haproxy-dconv/configuration-1.5.html#4.2-bind). -#####`mode` -Specifies the mode of operation for the listening service. Valid values are 'undef', 'tcp', 'http', and 'health'. +* `bind_options`: Deprecated. This setting has never functioned in any version of the haproxy module. Use `bind` instead. -#####`name` -Sets the listening service's name. Generally, it will be the namevar of the defined resource type. This value appears right after the 'listen' statement in haproxy.cfg. +* `collect_exported`: *Optional.* Specifies whether to collect resources exported by other nodes. This serves as a form of autodiscovery. Valid options: 'true' and 'false'. If set to 'false', Puppet only manages balancermembers that you specify through the `haproxy::balancermembers` define. Default: 'true'. -#####`options` -A hash or array of options that are inserted into the backend service configuration block. If you need to control exactly the order in which these options will appear in the backend service configuration block supply the options as an array of hashes, where each hash has one key-value pair that represents the option and its value. See Example sections for backend and frontend above. +* `ipaddress`: *Required unless `bind` is specified.* Specifies an IP address for the proxy to bind to. Valid options: a string. If left unassigned or set to '*' or '0.0.0.0', the proxy listens to all valid addresses on the system. -#####`ports` -Sets the ports to listen on for the address specified in `ipaddress`. Accepts a single, comma-separated string or an array of strings, which may be ports or hyphenated port ranges. +* `mode`: *Optional.* Sets the mode of operation for the listening service. Valid options: 'tcp', 'http', and 'health'. Default: undef. -####Defined Type: `haproxy::userlist` +* `name`: *Optional.* Supplies a name for the listening service. This value appears right after the 'listen' statement in haproxy.cfg. Valid options: a string. Default: the title of your declared resource. -This type sets up a [userlist configuration block](http://cbonte.github.io/haproxy-dconv/configuration-1.4.html#3.4) inside the haproxy.cfg file on an HAProxy load balancer. +* `options`: *Optional.* Adds one or more options to the listening service's configuration block in haproxy.cfg. Valid options: a hash or an array. To control the ordering of these options within the configuration block, supply an array of hashes where each hash contains one 'option => value' pair. -**Parameters:** +* `ports`: *Required unless `bind` is specified.* Specifies which ports to listen on for the address specified in `ipaddress`. Valid options: a single comma-delimited string or an array of strings. Each string can contain a port number or a hyphenated range of port numbers (e.g., 8443-8450). -#####`name` -Sets the userlist's name. Generally it will be the namevar of the defined resource type. This value appears right after the 'userlist' statement in haproxy.cfg +#### Define: `haproxy::userlist` +Sets up a [userlist configuration block](http://cbonte.github.io/haproxy-dconv/configuration-1.4.html#3.4) inside haproxy.cfg. -#####`users` -An array of users in the userlist. See http://cbonte.github.io/haproxy-dconv/configuration-1.4.html#3.4-user +##### Parameters -#####`groups` -An array of groups in the userlist. See http://cbonte.github.io/haproxy-dconv/configuration-1.4.html#3.4-group +* `groups`: *Required unless `users` is specified.* Adds groups to the userlist. For more information, see the [HAProxy Configuration Manual](http://cbonte.github.io/haproxy-dconv/configuration-1.4.html#3.4-group). Valid options: an array of groupnames. Default: undef. +* `name`: *Optional.* Supplies a name for the userlist. This value appears right after the 'listen' statement in haproxy.cfg. Valid options: a string. Default: the title of your declared resource. -####Defined Type: `haproxy::peers` +* `users`: *Required unless `groups` is specified.* Adds users to the userlist. For more information, see the [HAProxy Configuration Manual](http://cbonte.github.io/haproxy-dconv/configuration-1.4.html#3.4-user). Valid options: an array of usernames. Default: undef. -This type will set up a peers entry in /etc/haproxy/haproxy.cfg on the load balancer. This setting is required to share the current state of HAproxy with other HAproxy in High available configurations. +#### Define: `haproxy::peers` -** parameters ** +Sets up a peers entry in haproxy.cfg on the load balancer. This entry is required to share the current state of HAProxy with other HAProxy instances in high-availability configurations. -#####`name` -Sets the peers' name. Generally it will be the namevar of the defined resource type. This value appears right after the 'peers' statement in haproxy.cfg +##### Parameters +* `collect_exported`: *Optional.* Specifies whether to collect resources exported by other nodes. This serves as a form of autodiscovery. Valid options: 'true' and 'false'. Default: 'true'. -####Defined Type: `haproxy::peer` +* `name`: *Optional.* Appends a name to the peers entry in haproxy.cfg. Valid options: a string. Default: the title of your declared resource. -This type will set up a peer entry inside the peers configuration block in /etc/haproxy/haproxy.cfg on the load balancer. Currently, it has the ability to specify the instance name, ip address, ports and server_names. +#### Define: `haproxy::peer` -Automatic discovery of peer nodes may be implemented by exporting the peer resource for all HAProxy balancer servers that are configured in the same HA block and then collecting them on all load balancers. +Sets up a peer entry inside the peers configuration block in haproxy.cfg. -**Parameters:** +##### Parameters -#####`peers_name` -Specifies the peer in which this load balancer needs to be added. +* `ensure`: Specifies whether the peer should exist in the configuration block. Valid options: 'present' or 'absent'. Default: 'present'. -#####`server_names` -Sets the name of the peer server in the peers configuration block. Defaults to the hostname. Can be an array. If this parameter is specified as an array, it must be the same length as the [`ipaddresses`](#ipaddresses) parameter's array. A peer is created for each pair of `server\_names` and `ipaddresses` in the array. +* `ipaddresses`: *Required unless the `collect_exported` parameter of your `haproxy::peers` resource is set to `true`.* Specifies the IP address used to contact the peer member server. Valid options: a string or an array. If you pass an array, it must contain the same number of elements as the array you pass to the `server_names` parameter. Puppet pairs up the elements from both arrays and creates a peer for each pair of values. Default: the value of the `$::ipaddress` fact. -####`ensure` -Whether to add or remove the peer. Defaults to 'present'. Valid values are 'present' and 'absent'. +* `peers_name`: *Required.* Specifies the peer in which to add the load balancer. Valid options: a string containing the name of an HAProxy peer. -#####`ipaddresses` -Specifies the IP address used to contact the peer member server. Can be an array. If this parameter is specified as an array it must be the same length as the [`server\_names`](#server_names) parameter's array. A peer is created for each pair of address and server_name. +* `ports`: *Required.* Specifies the port on which the load balancer sends connections to peers. Valid options: a string containing a port number. -#####`ports` -Sets the port on which the peer is going to share the state. - - -##Reference - -###Public classes and defined types - -* Class `haproxy`: Main configuration class -* Define `haproxy::listen`: Creates a listen entry in the config -* Define `haproxy::frontend`: Creates a frontend entry in the config -* Define `haproxy::backend`: Creates a backend entry in the config -* Define `haproxy::balancermember`: Creates server entries for listen or backend blocks. -* Define `haproxy::userlist`: Creates a userlist entry in the config -* Define `haproxy::peers`: Creates a peers entry in the config -* Define `haproxy::peer`: Creates server entries for ha configuration inside peers. - -###Private classes and defined types - -* Class `haproxy::params`: Per-operatingsystem defaults. -* Class `haproxy::install`: Installs packages. -* Class `haproxy::config`: Configures haproxy.cfg. -* Class `haproxy::service`: Manages service. -* Define `haproxy::balancermember::collect_exported`: Collects exported balancermembers -* Define `haproxy::peer::collect_exported`: Collects exported peers +* `server_names`: *Required unless the `collect_exported` parameter of your `haproxy::peers` resource is set to `true`.* Sets the name of the peer server as listed in the peers configuration block. Valid options: a string or an array. If you pass an array, it must contain the same number of elements as the array you pass to `ipaddresses`. Puppet pairs up the elements from both arrays and creates a peer for each pair of values. Default: the value of the `$::hostname` fact. ##Limitations -RedHat and Debian family OSes are officially supported. Tested and built on Ubuntu and CentOS. Also compatible with Gentoo. +This module is tested and officially supported on the following platforms: + +* RHEL versions 5, 6, and 7 +* Ubuntu versions 10.04, 12.04, and 14.04 +* Debian versions 6 and 7 +* Scientific Linux versions 5, 6, and 7 +* CentOS versions 5, 6, and 7 +* Oracle Linux versions 5, 6, and 7 -##Development +Testing on other platforms has been light and cannot be guaranteed. -Puppet Labs modules on the Puppet Forge are open projects, and community contributions are essential for keeping them great. We can’t access the huge number of platforms and myriad of hardware, software, and deployment configurations that Puppet is intended to serve. +## Development +Puppet Labs modules on the Puppet Forge are open projects, and community contributions are essential for keeping them great. We can't access the huge number of platforms and myriad hardware, software, and deployment configurations that Puppet is intended to serve. We want to keep it as easy as possible to contribute changes so that our modules work in your environment. There are a few guidelines that we need contributors to follow so that we can have a chance of keeping on top of things. -We want to keep it as easy as possible to contribute changes so that our modules work in your environment. There are a few guidelines that we need contributors to follow so that we can have a chance of keeping on top of things. +For more information, see our [module contribution guide.](https://docs.puppetlabs.com/forge/contributing.html) -You can read the complete module contribution guide [on the Puppet Labs wiki.](http://projects.puppetlabs.com/projects/module-site/wiki/Module_contributing) +To see who's already involved, see the [list of contributors.](https://github.com/puppetlabs/puppetlabs-haproxy/graphs/contributors) \ No newline at end of file diff --git a/haproxy/manifests/params.pp b/haproxy/manifests/params.pp index dc955244b..5dff1b327 100644 --- a/haproxy/manifests/params.pp +++ b/haproxy/manifests/params.pp @@ -6,7 +6,7 @@ # class haproxy::params { case $::osfamily { - 'Archlinux', 'Debian', 'Redhat', 'Gentoo' : { + 'Archlinux', 'Debian', 'Redhat', 'Gentoo', 'Suse' : { $package_name = 'haproxy' $global_options = { 'log' => "${::ipaddress} local0", diff --git a/heat/Gemfile b/heat/Gemfile index 571fd65dc..4c65317ac 100644 --- a/heat/Gemfile +++ b/heat/Gemfile @@ -3,6 +3,7 @@ source 'https://rubygems.org' group :development, :test do gem 'puppetlabs_spec_helper', :require => false gem 'rspec-puppet', '~> 2.1.0', :require => false + gem 'minitest', '~> 4.7', :require => 'minitest/unit' gem 'metadata-json-lint' gem 'puppet-lint-param-docs' diff --git a/heat/spec/acceptance/basic_heat_spec.rb b/heat/spec/acceptance/basic_heat_spec.rb index 09c96567f..572f80b8f 100644 --- a/heat/spec/acceptance/basic_heat_spec.rb +++ b/heat/spec/acceptance/basic_heat_spec.rb @@ -9,27 +9,41 @@ Exec { logoutput => 'on_failure' } # Common resources - include ::apt - # some packages are not autoupgraded in trusty. - # it will be fixed in liberty, but broken in kilo. - $need_to_be_upgraded = ['python-tz', 'python-pbr'] - apt::source { 'trusty-updates-kilo': - location => 'http://ubuntu-cloud.archive.canonical.com/ubuntu/', - release => 'trusty-updates', - required_packages => 'ubuntu-cloud-keyring', - repos => 'kilo/main', - trusted_source => true, - } ~> - exec { '/usr/bin/apt-get -y dist-upgrade': - refreshonly => true, + case $::osfamily { + 'Debian': { + include ::apt + class { '::openstack_extras::repo::debian::ubuntu': + release => 'kilo', + package_require => true, + } + $package_provider = 'apt' + } + 'RedHat': { + class { '::openstack_extras::repo::redhat::redhat': + # Kilo is not GA yet, so let's use the testing repo + manage_rdo => false, + repo_hash => { + 'rdo-kilo-testing' => { + 'baseurl' => 'https://repos.fedorapeople.org/repos/openstack/openstack-kilo/testing/el7/', + # packages are not GA so not signed + 'gpgcheck' => '0', + 'priority' => 97, + }, + }, + } + $package_provider = 'yum' + } + default: { + fail("Unsupported osfamily (${::osfamily})") + } } - Apt::Source['trusty-updates-kilo'] -> Package<| |> class { '::mysql::server': } class { '::rabbitmq': delete_guest_user => true, erlang_cookie => 'secrete', + package_provider => $package_provider, } rabbitmq_vhost { '/': @@ -91,7 +105,7 @@ class { '::heat::keystone::auth': class { '::heat::client': } class { '::heat::api': } class { '::heat::engine': - auth_encryption_key => 'secrete_key', + auth_encryption_key => '1234567890AZERTYUIOPMLKJHGFDSQ12', } class { '::heat::api_cloudwatch': } class { '::heat::api_cfn': } diff --git a/heat/spec/acceptance/nodesets/nodepool-centos7.yml b/heat/spec/acceptance/nodesets/nodepool-centos7.yml new file mode 100644 index 000000000..aed4f0b26 --- /dev/null +++ b/heat/spec/acceptance/nodesets/nodepool-centos7.yml @@ -0,0 +1,9 @@ +HOSTS: + centos-70-x64: + roles: + - master + platform: el-7-x86_64 + hypervisor : none + ip: 127.0.0.1 +CONFIG: + type: foss diff --git a/heat/spec/acceptance/nodesets/nodepool.yml b/heat/spec/acceptance/nodesets/nodepool-trusty.yml similarity index 100% rename from heat/spec/acceptance/nodesets/nodepool.yml rename to heat/spec/acceptance/nodesets/nodepool-trusty.yml diff --git a/heat/spec/spec_helper_acceptance.rb b/heat/spec/spec_helper_acceptance.rb index 497e728dc..bef7ec2aa 100644 --- a/heat/spec/spec_helper_acceptance.rb +++ b/heat/spec/spec_helper_acceptance.rb @@ -27,14 +27,19 @@ # install library modules from the forge on host, puppet('module','install','puppetlabs-inifile'), { :acceptable_exit_codes => 0 } + # pin apt module until openstack_extras use >= 2.0.0 version + on host, puppet('module','install','puppetlabs-apt','--version','1.8.0'), { :acceptable_exit_codes => 0 } on host, puppet('module','install','puppetlabs-mysql'), { :acceptable_exit_codes => 0 } on host, puppet('module','install','dprince/qpid'), { :acceptable_exit_codes => 0 } on host, puppet('module','install','stahnma-epel'), { :acceptable_exit_codes => 0 } - on host, puppet('module','install','puppetlabs-rabbitmq'), { :acceptable_exit_codes => 0 } # install puppet modules from git, use master shell('git clone https://git.openstack.org/stackforge/puppet-openstacklib /etc/puppet/modules/openstacklib') shell('git clone https://git.openstack.org/stackforge/puppet-keystone /etc/puppet/modules/keystone') + shell('git clone https://git.openstack.org/stackforge/puppet-openstack_extras /etc/puppet/modules/openstack_extras') + # TODO(EmilienM) Cloning RabbitMQ module for now because we wait for a release including + # https://github.com/enovance/puppetlabs-rabbitmq/commit/0227f762070ffbbea3c28d6a60174de98fa4cc1c + shell('git clone https://github.com/puppetlabs/puppetlabs-rabbitmq/ /etc/puppet/modules/rabbitmq') # Install the module being tested puppet_module_install(:source => proj_root, :module_name => 'heat') diff --git a/horizon/Gemfile b/horizon/Gemfile index 62fac340e..0014b44f8 100644 --- a/horizon/Gemfile +++ b/horizon/Gemfile @@ -3,6 +3,7 @@ source 'https://rubygems.org' group :development, :test do gem 'puppetlabs_spec_helper', :require => false gem 'rspec-puppet', '~> 2.1.0', :require => false + gem 'minitest', '~> 4.7', :require => 'minitest/unit' gem 'puppet-lint', '~> 1.1.0' gem 'metadata-json-lint' diff --git a/horizon/spec/acceptance/horizon_with_apache_spec.rb b/horizon/spec/acceptance/horizon_with_apache_spec.rb index 011d3c631..62b6df1cf 100644 --- a/horizon/spec/acceptance/horizon_with_apache_spec.rb +++ b/horizon/spec/acceptance/horizon_with_apache_spec.rb @@ -8,19 +8,32 @@ pp= <<-EOS Exec { logoutput => 'on_failure' } - include ::apt - # some packages are not autoupgraded in trusty. - # it will be fixed in liberty, but broken in kilo. - $need_to_be_upgraded = ['python-tz', 'python-pbr'] - apt::source { 'trusty-updates-kilo': - location => 'http://ubuntu-cloud.archive.canonical.com/ubuntu/', - release => 'trusty-updates', - repos => 'kilo/main', - required_packages => 'ubuntu-cloud-keyring', - trusted_source => true, - } ~> - exec { '/usr/bin/apt-get -y dist-upgrade': refreshonly => true, } - Apt::Source['trusty-updates-kilo'] -> Package<| |> + case $::osfamily { + 'Debian': { + include ::apt + class { '::openstack_extras::repo::debian::ubuntu': + release => 'kilo', + package_require => true, + } + } + 'RedHat': { + class { '::openstack_extras::repo::redhat::redhat': + # Kilo is not GA yet, so let's use the testing repo + manage_rdo => false, + repo_hash => { + 'rdo-kilo-testing' => { + 'baseurl' => 'https://repos.fedorapeople.org/repos/openstack/openstack-kilo/testing/el7/', + # packages are not GA so not signed + 'gpgcheck' => '0', + 'priority' => 97, + }, + }, + } + } + default: { + fail("Unsupported osfamily (${::osfamily})") + } + } class { '::horizon': secret_key => 'big_secret', @@ -37,8 +50,14 @@ class { '::horizon': end # basic test for now, to make sure Apache serve /horizon dashboard - describe command('curl --connect-timeout 5 -sL -w "%{http_code} %{url_effective}\n" http://localhost/horizon/ -o /dev/null') do - it { should return_exit_status 0 } + if os[:family] == 'Debian' + describe command('curl --connect-timeout 5 -sL -w "%{http_code} %{url_effective}\n" http://localhost/horizon/ -o /dev/null') do + it { should return_exit_status 0 } + end + elsif os[:family] == 'RedHat' + describe command('curl --connect-timeout 5 -sL -w "%{http_code} %{url_effective}\n" http://localhost/dashboard/ -o /dev/null') do + it { should return_exit_status 0 } + end end end diff --git a/horizon/spec/acceptance/nodesets/default.yml b/horizon/spec/acceptance/nodesets/default.yml index 0070b84c7..a2c1ecc63 100644 --- a/horizon/spec/acceptance/nodesets/default.yml +++ b/horizon/spec/acceptance/nodesets/default.yml @@ -1,11 +1,9 @@ HOSTS: - ubuntu-server-1404-x64: + ubuntu-14.04-amd64: roles: - master platform: ubuntu-14.04-amd64 - box : trusty-server-cloudimg-amd64-vagrant-disk1 - box_url : puppetlabs/ubuntu-14.04-64-nocm - hypervisor : vagrant + hypervisor : none + ip: 127.0.0.1 CONFIG: - log_level : debug - type: git + type: foss diff --git a/horizon/spec/acceptance/nodesets/nodepool-centos7.yml b/horizon/spec/acceptance/nodesets/nodepool-centos7.yml new file mode 100644 index 000000000..aed4f0b26 --- /dev/null +++ b/horizon/spec/acceptance/nodesets/nodepool-centos7.yml @@ -0,0 +1,9 @@ +HOSTS: + centos-70-x64: + roles: + - master + platform: el-7-x86_64 + hypervisor : none + ip: 127.0.0.1 +CONFIG: + type: foss diff --git a/ironic/spec/acceptance/nodesets/nodepool.yml b/horizon/spec/acceptance/nodesets/nodepool-trusty.yml similarity index 100% rename from ironic/spec/acceptance/nodesets/nodepool.yml rename to horizon/spec/acceptance/nodesets/nodepool-trusty.yml diff --git a/horizon/spec/spec_helper_acceptance.rb b/horizon/spec/spec_helper_acceptance.rb index 5c8cf4653..ee9a424b4 100644 --- a/horizon/spec/spec_helper_acceptance.rb +++ b/horizon/spec/spec_helper_acceptance.rb @@ -33,6 +33,7 @@ # while lsb-release is installed. on host, puppet('module','install','puppetlabs-apt','--version', '1.8.0'), { :acceptable_exit_codes => 0 } on host, puppet('module','install','saz/memcached'), { :acceptable_exit_codes => 0 } + shell('git clone https://git.openstack.org/stackforge/puppet-openstack_extras /etc/puppet/modules/openstack_extras') # Install the module being tested puppet_module_install(:source => proj_root, :module_name => 'horizon') diff --git a/inifile/.travis.yml b/inifile/.travis.yml index ecf7d9076..742380f6b 100644 --- a/inifile/.travis.yml +++ b/inifile/.travis.yml @@ -14,5 +14,10 @@ matrix: env: PUPPET_GEM_VERSION="~> 3.0" - rvm: 2.1.5 env: PUPPET_GEM_VERSION="~> 3.0" FUTURE_PARSER="yes" + - rvm: 2.1.6 + env: PUPPET_GEM_VERSION="~> 4.0" STRICT_VARIABLES="yes" + allow_failures: + - rvm: 2.1.6 + env: PUPPET_GEM_VERSION="~> 4.0" STRICT_VARIABLES="yes" notifications: email: false diff --git a/inifile/lib/puppet/parser/functions/create_ini_settings.rb b/inifile/lib/puppet/parser/functions/create_ini_settings.rb new file mode 100644 index 000000000..8e14591f1 --- /dev/null +++ b/inifile/lib/puppet/parser/functions/create_ini_settings.rb @@ -0,0 +1,86 @@ +# +# create_ini_settings.rb +# + +module Puppet::Parser::Functions + newfunction(:create_ini_settings, :type => :statement, :doc => <<-EOS +Uses create_resources to create a set of ini_setting resources from a hash: + + $settings = { section1 => { + setting1 => val1 + }, + section2 => { + setting2 => val2, + setting3 => { + ensure => absent + } + } + } + $defaults = { + path => '/tmp/foo.ini' + } + create_ini_settings($settings,$defaults) + + +Will create the following resources + + ini_setting{'[section1] setting1': + ensure => present, + section => 'section1', + setting => 'setting1', + value => 'val1', + path => '/tmp/foo.ini', + } + ini_setting{'[section2] setting2': + ensure => present, + section => 'section2', + setting => 'setting2', + value => 'val2', + path => '/tmp/foo.ini', + } + ini_setting{'[section2] setting3': + ensure => absent, + section => 'section2', + setting => 'setting3', + path => '/tmp/foo.ini', + } + +EOS + ) do |arguments| + + raise(Puppet::ParseError, "create_ini_settings(): Wrong number of arguments " + + "given (#{arguments.size} for 1 or 2)") unless arguments.size.between?(1,2) + + settings = arguments[0] + defaults = arguments[1] || {} + + if [settings,defaults].any?{|i| !i.is_a?(Hash) } + raise(Puppet::ParseError, + 'create_ini_settings(): Requires all arguments to be a Hash') + end + + resources = settings.keys.inject({}) do |res, section| + raise(Puppet::ParseError, + "create_ini_settings(): Section #{section} must contain a Hash") \ + unless settings[section].is_a?(Hash) + + settings[section].each do |setting, value| + res["[#{section}] #{setting}"] = { + 'ensure' => 'present', + 'section' => section, + 'setting' => setting, + }.merge(if value.is_a?(Hash) + value + else + { 'value' => value, } + end) + end + res + end + + Puppet::Parser::Functions.function('create_resources') + function_create_resources(['ini_setting',resources,defaults]) + end +end + +# vim: set ts=2 sw=2 et : diff --git a/inifile/spec/classes/create_ini_settings_test_spec.rb b/inifile/spec/classes/create_ini_settings_test_spec.rb new file mode 100644 index 000000000..4e6683aa0 --- /dev/null +++ b/inifile/spec/classes/create_ini_settings_test_spec.rb @@ -0,0 +1,25 @@ +require 'spec_helper' +# end-to-end test of the create_init_settings function +describe 'create_ini_settings_test' do + it { should have_ini_setting_resource_count(3) } + it { should contain_ini_setting('[section1] setting1').with( + :ensure => 'present', + :section => 'section1', + :setting => 'setting1', + :value => 'val1', + :path => '/tmp/foo.ini' + )} + it { should contain_ini_setting('[section2] setting2').with( + :ensure => 'present', + :section => 'section2', + :setting => 'setting2', + :value => 'val2', + :path => '/tmp/foo.ini' + )} + it { should contain_ini_setting('[section2] setting3').with( + :ensure => 'absent', + :section => 'section2', + :setting => 'setting3', + :path => '/tmp/foo.ini' + )} +end diff --git a/inifile/spec/fixtures/modules/create_ini_settings_test/manifests/init.pp b/inifile/spec/fixtures/modules/create_ini_settings_test/manifests/init.pp new file mode 100644 index 000000000..8e6daf93e --- /dev/null +++ b/inifile/spec/fixtures/modules/create_ini_settings_test/manifests/init.pp @@ -0,0 +1,17 @@ +# simple test class +class create_ini_settings_test { + $settings = { section1 => { + setting1 => val1 + }, + section2 => { + setting2 => val2, + setting3 => { + ensure => absent + } + } + } + $defaults = { + path => '/tmp/foo.ini' + } + create_ini_settings($settings,$defaults) +} diff --git a/inifile/spec/functions/create_ini_settings_spec.rb b/inifile/spec/functions/create_ini_settings_spec.rb new file mode 100644 index 000000000..e40fb09aa --- /dev/null +++ b/inifile/spec/functions/create_ini_settings_spec.rb @@ -0,0 +1,23 @@ +#! /usr/bin/env ruby + +require 'spec_helper' +require 'rspec-puppet' + +describe 'create_ini_settings' do + before :each do + Puppet::Parser::Functions.autoloader.loadall + Puppet::Parser::Functions.function(:create_resources) + end + + describe 'argument handling' do + it { should run.with_params.and_raise_error(Puppet::ParseError, /0 for 1 or 2/) } + it { should run.with_params(1,2,3).and_raise_error(Puppet::ParseError, /3 for 1 or 2/) } + it { should run.with_params('foo').and_raise_error(Puppet::ParseError, /Requires all arguments/) } + it { should run.with_params({},'foo').and_raise_error(Puppet::ParseError, /Requires all arguments/) } + + it { should run.with_params({}) } + it { should run.with_params({},{}) } + + it { should run.with_params({ 1 => 2 }).and_raise_error(Puppet::ParseError, /Section 1 must contain a Hash/) } + end +end diff --git a/ironic/Gemfile b/ironic/Gemfile index 0d86f5b55..5f76c2d3e 100644 --- a/ironic/Gemfile +++ b/ironic/Gemfile @@ -3,6 +3,7 @@ source 'https://rubygems.org' group :development, :test do gem 'puppetlabs_spec_helper', :require => false gem 'rspec-puppet', '~> 2.1.0', :require => false + gem 'minitest', '~> 4.7', :require => 'minitest/unit' gem 'metadata-json-lint' gem 'puppet-lint-absolute_classname-check' diff --git a/ironic/spec/acceptance/basic_ironic_spec.rb b/ironic/spec/acceptance/basic_ironic_spec.rb index 0c5ab0ef9..1bf901e6f 100644 --- a/ironic/spec/acceptance/basic_ironic_spec.rb +++ b/ironic/spec/acceptance/basic_ironic_spec.rb @@ -9,27 +9,41 @@ Exec { logoutput => 'on_failure' } # Common resources - include ::apt - # some packages are not autoupgraded in trusty. - # it will be fixed in liberty, but broken in kilo. - $need_to_be_upgraded = ['python-tz', 'python-pbr'] - apt::source { 'trusty-updates-kilo': - location => 'http://ubuntu-cloud.archive.canonical.com/ubuntu/', - release => 'trusty-updates', - required_packages => 'ubuntu-cloud-keyring', - repos => 'kilo/main', - trusted_source => true, - } ~> - exec { '/usr/bin/apt-get -y dist-upgrade': - refreshonly => true, + case $::osfamily { + 'Debian': { + include ::apt + class { '::openstack_extras::repo::debian::ubuntu': + release => 'kilo', + package_require => true, + } + $package_provider = 'apt' + } + 'RedHat': { + class { '::openstack_extras::repo::redhat::redhat': + # Kilo is not GA yet, so let's use the testing repo + manage_rdo => false, + repo_hash => { + 'rdo-kilo-testing' => { + 'baseurl' => 'https://repos.fedorapeople.org/repos/openstack/openstack-kilo/testing/el7/', + # packages are not GA so not signed + 'gpgcheck' => '0', + 'priority' => 97, + }, + }, + } + $package_provider = 'yum' + } + default: { + fail("Unsupported osfamily (${::osfamily})") + } } - Apt::Source['trusty-updates-kilo'] -> Package<| |> class { '::mysql::server': } class { '::rabbitmq': delete_guest_user => true, erlang_cookie => 'secrete', + package_provider => $package_provider, } rabbitmq_vhost { '/': @@ -73,25 +87,32 @@ class { '::keystone::endpoint': admin_url => "https://${::fqdn}:35357/", } - # Ironic resources - class { '::ironic': - rabbit_userid => 'ironic', - rabbit_password => 'an_even_bigger_secret', - rabbit_host => '127.0.0.1', - database_connection => 'mysql://ironic:a_big_secret@127.0.0.1/ironic?charset=utf8', + case $::osfamily { + 'Debian': { + # Ironic resources + class { '::ironic': + rabbit_userid => 'ironic', + rabbit_password => 'an_even_bigger_secret', + rabbit_host => '127.0.0.1', + database_connection => 'mysql://ironic:a_big_secret@127.0.0.1/ironic?charset=utf8', + } + class { '::ironic::db::mysql': + password => 'a_big_secret', + } + class { '::ironic::keystone::auth': + password => 'a_big_secret', + } + class { '::ironic::client': } + class { '::ironic::conductor': } + class { '::ironic::api': + admin_password => 'a_big_secret', + } + class { '::ironic::drivers::ipmi': } + } + 'RedHat': { + warning("Ironic packaging is not ready on ${::osfamily}.") + } } - class { '::ironic::db::mysql': - password => 'a_big_secret', - } - class { '::ironic::keystone::auth': - password => 'a_big_secret', - } - class { '::ironic::client': } - class { '::ironic::conductor': } - class { '::ironic::api': - admin_password => 'a_big_secret', - } - class { '::ironic::drivers::ipmi': } EOS @@ -100,8 +121,10 @@ class { '::ironic::drivers::ipmi': } apply_manifest(pp, :catch_changes => true) end - describe port(6385) do - it { is_expected.to be_listening.with('tcp') } + if os[:family] == 'Debian' + describe port(6385) do + it { is_expected.to be_listening.with('tcp') } + end end end diff --git a/ironic/spec/acceptance/nodesets/nodepool-centos7.yml b/ironic/spec/acceptance/nodesets/nodepool-centos7.yml new file mode 100644 index 000000000..aed4f0b26 --- /dev/null +++ b/ironic/spec/acceptance/nodesets/nodepool-centos7.yml @@ -0,0 +1,9 @@ +HOSTS: + centos-70-x64: + roles: + - master + platform: el-7-x86_64 + hypervisor : none + ip: 127.0.0.1 +CONFIG: + type: foss diff --git a/keystone/spec/acceptance/nodesets/nodepool.yml b/ironic/spec/acceptance/nodesets/nodepool-trusty.yml similarity index 100% rename from keystone/spec/acceptance/nodesets/nodepool.yml rename to ironic/spec/acceptance/nodesets/nodepool-trusty.yml diff --git a/ironic/spec/spec_helper_acceptance.rb b/ironic/spec/spec_helper_acceptance.rb index e155d11b3..3479b74c6 100644 --- a/ironic/spec/spec_helper_acceptance.rb +++ b/ironic/spec/spec_helper_acceptance.rb @@ -27,14 +27,19 @@ # install library modules from the forge on host, puppet('module','install','puppetlabs-inifile'), { :acceptable_exit_codes => 0 } + # pin apt module until openstack_extras use >= 2.0.0 version + on host, puppet('module','install','puppetlabs-apt','--version','1.8.0'), { :acceptable_exit_codes => 0 } on host, puppet('module','install','puppetlabs-mysql'), { :acceptable_exit_codes => 0 } on host, puppet('module','install','dprince/qpid'), { :acceptable_exit_codes => 0 } on host, puppet('module','install','stahnma-epel'), { :acceptable_exit_codes => 0 } - on host, puppet('module','install','puppetlabs-rabbitmq'), { :acceptable_exit_codes => 0 } # install puppet modules from git, use master shell('git clone https://git.openstack.org/stackforge/puppet-openstacklib /etc/puppet/modules/openstacklib') shell('git clone https://git.openstack.org/stackforge/puppet-keystone /etc/puppet/modules/keystone') + shell('git clone https://git.openstack.org/stackforge/puppet-openstack_extras /etc/puppet/modules/openstack_extras') + # TODO(EmilienM) Cloning RabbitMQ module for now because we wait for a release including + # https://github.com/enovance/puppetlabs-rabbitmq/commit/0227f762070ffbbea3c28d6a60174de98fa4cc1c + shell('git clone https://github.com/puppetlabs/puppetlabs-rabbitmq/ /etc/puppet/modules/rabbitmq') # Install the module being tested puppet_module_install(:source => proj_root, :module_name => 'ironic') diff --git a/keystone/Gemfile b/keystone/Gemfile index 519db4b6f..e8271383f 100644 --- a/keystone/Gemfile +++ b/keystone/Gemfile @@ -3,6 +3,7 @@ source 'https://rubygems.org' group :development, :test do gem 'puppetlabs_spec_helper', :require => false gem 'rspec-puppet', '~> 2.1.0', :require => false + gem 'minitest', '~> 4.7', :require => 'minitest/unit' gem 'metadata-json-lint' gem 'puppet-lint-param-docs' diff --git a/keystone/manifests/init.pp b/keystone/manifests/init.pp index 20fbb7abc..e7016929d 100644 --- a/keystone/manifests/init.pp +++ b/keystone/manifests/init.pp @@ -778,6 +778,8 @@ } else { $service_ensure = 'stopped' } + } else { + warning('Execution of db_sync does not depend on $enabled anymore. Please use sync_db instead.') } if $service_name == $::keystone::params::service_name { @@ -824,7 +826,7 @@ fail('Invalid service_name. Either keystone/openstack-keystone for running as a standalone service, or httpd for being run by a httpd server') } - if $enabled and $sync_db { + if $sync_db { include ::keystone::db::sync Class['::keystone::db::sync'] ~> Service[$service_name] } diff --git a/keystone/spec/acceptance/basic_keystone_spec.rb b/keystone/spec/acceptance/basic_keystone_spec.rb index 069ea67a2..203bf5607 100644 --- a/keystone/spec/acceptance/basic_keystone_spec.rb +++ b/keystone/spec/acceptance/basic_keystone_spec.rb @@ -9,20 +9,33 @@ Exec { logoutput => 'on_failure' } # Common resources - include ::apt - # some packages are not autoupgraded in trusty. - # it will be fixed in liberty, but broken in kilo. - $need_to_be_upgraded = ['python-tz', 'python-pbr'] - apt::source { 'trusty-updates-kilo': - location => 'http://ubuntu-cloud.archive.canonical.com/ubuntu/', - release => 'trusty-updates', - required_packages => 'ubuntu-cloud-keyring', - repos => 'kilo/main', - trusted_source => true, - } -> - package { $need_to_be_upgraded: - ensure => latest, + case $::osfamily { + 'Debian': { + include ::apt + class { '::openstack_extras::repo::debian::ubuntu': + release => 'kilo', + package_require => true, + } + } + 'RedHat': { + class { '::openstack_extras::repo::redhat::redhat': + # Kilo is not GA yet, so let's use the testing repo + manage_rdo => false, + repo_hash => { + 'rdo-kilo-testing' => { + 'baseurl' => 'https://repos.fedorapeople.org/repos/openstack/openstack-kilo/testing/el7/', + # packages are not GA so not signed + 'gpgcheck' => '0', + 'priority' => 97, + }, + }, + } + } + default: { + fail("Unsupported osfamily (${::osfamily})") + } } + class { '::mysql::server': } # Keystone resources diff --git a/keystone/spec/acceptance/nodesets/nodepool-centos7.yml b/keystone/spec/acceptance/nodesets/nodepool-centos7.yml new file mode 100644 index 000000000..aed4f0b26 --- /dev/null +++ b/keystone/spec/acceptance/nodesets/nodepool-centos7.yml @@ -0,0 +1,9 @@ +HOSTS: + centos-70-x64: + roles: + - master + platform: el-7-x86_64 + hypervisor : none + ip: 127.0.0.1 +CONFIG: + type: foss diff --git a/manila/spec/acceptance/nodesets/nodepool.yml b/keystone/spec/acceptance/nodesets/nodepool-trusty.yml similarity index 100% rename from manila/spec/acceptance/nodesets/nodepool.yml rename to keystone/spec/acceptance/nodesets/nodepool-trusty.yml diff --git a/keystone/spec/classes/keystone_spec.rb b/keystone/spec/classes/keystone_spec.rb index 44b9eee53..ba54c40cc 100644 --- a/keystone/spec/classes/keystone_spec.rb +++ b/keystone/spec/classes/keystone_spec.rb @@ -56,6 +56,7 @@ 'rabbit_userid' => 'guest', 'admin_workers' => 20, 'public_workers' => 20, + 'sync_db' => true, } override_params = { @@ -132,8 +133,8 @@ end end - it 'should only synchronize the db if $enabled is true' do - if param_hash['enabled'] + it 'should synchronize the db if $sync_db is true' do + if param_hash['sync_db'] is_expected.to contain_exec('keystone-manage db_sync').with( :user => 'keystone', :refreshonly => true, diff --git a/keystone/spec/spec_helper_acceptance.rb b/keystone/spec/spec_helper_acceptance.rb index 23590bf52..3149e5784 100644 --- a/keystone/spec/spec_helper_acceptance.rb +++ b/keystone/spec/spec_helper_acceptance.rb @@ -30,12 +30,12 @@ on host, puppet('module','install','dprince/qpid'), { :acceptable_exit_codes => 0 } on host, puppet('module','install','duritong/sysctl'), { :acceptable_exit_codes => 0 } on host, puppet('module','install','puppetlabs-inifile'), { :acceptable_exit_codes => 0 } - on host, puppet('module','install','stahnma-epel'), { :acceptable_exit_codes => 0 } on host, puppet('module','install','puppetlabs-rabbitmq'), { :acceptable_exit_codes => 0 } on host, puppet('module','install','puppetlabs-apache'), { :acceptable_exit_codes => 0 } # install puppet modules from git, use master shell('git clone https://git.openstack.org/stackforge/puppet-openstacklib /etc/puppet/modules/openstacklib') + shell('git clone https://git.openstack.org/stackforge/puppet-openstack_extras /etc/puppet/modules/openstack_extras') # Install the module being tested puppet_module_install(:source => proj_root, :module_name => 'keystone') diff --git a/manila/Gemfile b/manila/Gemfile index 95fc316ed..37e3eb3d4 100644 --- a/manila/Gemfile +++ b/manila/Gemfile @@ -3,6 +3,7 @@ source 'https://rubygems.org' group :development, :test do gem 'puppetlabs_spec_helper', :require => false gem 'rspec-puppet', '~> 2.1.0', :require => false + gem 'minitest', '~> 4.7', :require => 'minitest/unit' gem 'puppet-lint', '~> 1.1' gem 'metadata-json-lint' diff --git a/manila/spec/acceptance/basic_manila_spec.rb b/manila/spec/acceptance/basic_manila_spec.rb index e4463dfb2..ae16a5b57 100644 --- a/manila/spec/acceptance/basic_manila_spec.rb +++ b/manila/spec/acceptance/basic_manila_spec.rb @@ -9,27 +9,41 @@ Exec { logoutput => 'on_failure' } # Common resources - include ::apt - # some packages are not autoupgraded in trusty. - # it will be fixed in liberty, but broken in kilo. - $need_to_be_upgraded = ['python-tz', 'python-pbr'] - apt::source { 'trusty-updates-kilo': - location => 'http://ubuntu-cloud.archive.canonical.com/ubuntu/', - release => 'trusty-updates', - required_packages => 'ubuntu-cloud-keyring', - repos => 'kilo/main', - trusted_source => true, - } ~> - exec { '/usr/bin/apt-get -y dist-upgrade': - refreshonly => true, + case $::osfamily { + 'Debian': { + include ::apt + class { '::openstack_extras::repo::debian::ubuntu': + release => 'kilo', + package_require => true, + } + $package_provider = 'apt' + } + 'RedHat': { + class { '::openstack_extras::repo::redhat::redhat': + # Kilo is not GA yet, so let's use the testing repo + manage_rdo => false, + repo_hash => { + 'rdo-kilo-testing' => { + 'baseurl' => 'https://repos.fedorapeople.org/repos/openstack/openstack-kilo/testing/el7/', + # packages are not GA so not signed + 'gpgcheck' => '0', + 'priority' => 97, + }, + }, + } + $package_provider = 'yum' + } + default: { + fail("Unsupported osfamily (${::osfamily})") + } } - Apt::Source['trusty-updates-kilo'] -> Package<| |> class { '::mysql::server': } class { '::rabbitmq': delete_guest_user => true, erlang_cookie => 'secrete', + package_provider => $package_provider, } rabbitmq_vhost { '/': diff --git a/manila/spec/acceptance/nodesets/nodepool-centos7.yml b/manila/spec/acceptance/nodesets/nodepool-centos7.yml new file mode 100644 index 000000000..aed4f0b26 --- /dev/null +++ b/manila/spec/acceptance/nodesets/nodepool-centos7.yml @@ -0,0 +1,9 @@ +HOSTS: + centos-70-x64: + roles: + - master + platform: el-7-x86_64 + hypervisor : none + ip: 127.0.0.1 +CONFIG: + type: foss diff --git a/nova/spec/acceptance/nodesets/nodepool.yml b/manila/spec/acceptance/nodesets/nodepool-trusty.yml similarity index 100% rename from nova/spec/acceptance/nodesets/nodepool.yml rename to manila/spec/acceptance/nodesets/nodepool-trusty.yml diff --git a/manila/spec/spec_helper_acceptance.rb b/manila/spec/spec_helper_acceptance.rb index 0a12a8418..44f34111c 100644 --- a/manila/spec/spec_helper_acceptance.rb +++ b/manila/spec/spec_helper_acceptance.rb @@ -26,15 +26,21 @@ shell('rm -fr /etc/puppet/modules/*') # install library modules from the forge + # pin apt module until openstack_extras use >= 2.0.0 version + on host, puppet('module','install','puppetlabs-apt','--version','1.8.0'), { :acceptable_exit_codes => 0 } + on host, puppet('module','install','puppetlabs-inifile'), { :acceptable_exit_codes => 0 } on host, puppet('module','install','puppetlabs-mysql'), { :acceptable_exit_codes => 0 } on host, puppet('module','install','dprince/qpid'), { :acceptable_exit_codes => 0 } on host, puppet('module','install','stahnma-epel'), { :acceptable_exit_codes => 0 } - on host, puppet('module','install','puppetlabs-rabbitmq'), { :acceptable_exit_codes => 0 } # install puppet modules from git, use master shell('git clone https://git.openstack.org/stackforge/puppet-openstacklib /etc/puppet/modules/openstacklib') + shell('git clone https://git.openstack.org/stackforge/puppet-openstack_extras /etc/puppet/modules/openstack_extras') shell('git clone https://git.openstack.org/stackforge/puppet-keystone /etc/puppet/modules/keystone') + # TODO(EmilienM) Cloning RabbitMQ module for now because we wait for a release including + # https://github.com/enovance/puppetlabs-rabbitmq/commit/0227f762070ffbbea3c28d6a60174de98fa4cc1c + shell('git clone https://github.com/puppetlabs/puppetlabs-rabbitmq/ /etc/puppet/modules/rabbitmq') # Install the module being tested puppet_module_install(:source => proj_root, :module_name => 'manila') diff --git a/memcached/manifests/init.pp b/memcached/manifests/init.pp index 08350ed0c..761efcb0e 100644 --- a/memcached/manifests/init.pp +++ b/memcached/manifests/init.pp @@ -2,9 +2,16 @@ # # Manage memcached # +# == Parameters +# [* syslog *] +# Boolean. +# If true will pipe output to /bin/logger, sends to syslog. +# class memcached ( $package_ensure = 'present', + $service_manage = true, $logfile = $::memcached::params::logfile, + $syslog = false, $pidfile = '/var/run/memcached.pid', $manage_firewall = false, $max_memory = false, @@ -35,6 +42,15 @@ } validate_bool($manage_firewall_bool) validate_bool($service_restart) + validate_bool($service_manage) + + validate_bool($syslog) + + # Logging to syslog and file are mutually exclusive + # Fail if both options are defined + if $syslog and str2bool($logfile) { + fail 'Define either syslog or logfile as logging destinations but not both.' + } if $package_ensure == 'absent' { $service_ensure = 'stopped' @@ -70,7 +86,7 @@ } } - if $service_restart { + if $service_restart and $service_manage { $service_notify_real = Service[$memcached::params::service_name] } else { $service_notify_real = undef @@ -87,11 +103,13 @@ } } - service { $memcached::params::service_name: - ensure => $service_ensure, - enable => $service_enable, - hasrestart => true, - hasstatus => $memcached::params::service_hasstatus, + if $service_manage { + service { $memcached::params::service_name: + ensure => $service_ensure, + enable => $service_enable, + hasrestart => true, + hasstatus => $memcached::params::service_hasstatus, + } } if $use_registry { @@ -99,7 +117,7 @@ ensure => 'present', type => 'string', data => template($memcached::params::config_tmpl), - notify => Service[$memcached::params::service_name] + notify => $service_notify_real, } } } diff --git a/memcached/metadata.json b/memcached/metadata.json index 3f1c3fb88..5c86811d1 100644 --- a/memcached/metadata.json +++ b/memcached/metadata.json @@ -33,7 +33,7 @@ } ], "name": "saz-memcached", - "version": "2.7.1", + "version": "2.8.0", "author": "saz", "summary": "UNKNOWN", "license": "Apache License, Version 2.0", diff --git a/memcached/spec/classes/memcached_spec.rb b/memcached/spec/classes/memcached_spec.rb index 3357569f7..d8f2981c8 100644 --- a/memcached/spec/classes/memcached_spec.rb +++ b/memcached/spec/classes/memcached_spec.rb @@ -96,6 +96,9 @@ :install_dev => true, :processorcount => 1 }, + { + :listen_ip => '', + }, { :pidfile => false, }, @@ -105,6 +108,9 @@ { :package_ensure => 'absent', :install_dev => true + }, + { + :service_manage => false } ].each do |param_set| describe "when #{param_set == {} ? "using default" : "specifying"} class parameters" do @@ -148,7 +154,9 @@ )} it { - if param_hash[:package_ensure] == 'absent' + if param_hash[:service_manage] == false + should_not contain_service('memcached') + elsif param_hash[:package_ensure] == 'absent' should contain_service("memcached").with( 'ensure' => 'stopped', 'enable' => false @@ -172,7 +180,6 @@ ) expected_lines = [ "logfile #{param_hash[:logfile]}", - "-l #{param_hash[:listen_ip]}", "-p #{param_hash[:tcp_port]}", "-U #{param_hash[:udp_port]}", "-u #{param_hash[:user]}", @@ -188,6 +195,9 @@ else expected_lines.push("-m 950") end + if(param_hash[:listen_ip] != '') + expected_lines.push("-l #{param_hash[:listen_ip]}") + end if(param_hash[:lock_memory]) expected_lines.push("-k") end diff --git a/memcached/templates/memcached.conf.erb b/memcached/templates/memcached.conf.erb index 1586d9426..0dae0bcf7 100644 --- a/memcached/templates/memcached.conf.erb +++ b/memcached/templates/memcached.conf.erb @@ -34,8 +34,11 @@ logfile <%= @logfile -%> # UNIX socket path to listen on -s <%= @unix_socket %> <% else -%> + +<% if @listen_ip != '' -%> # IP to listen on -l <%= @listen_ip %> +<% end -%> # TCP port to listen on -p <%= @tcp_port %> diff --git a/memcached/templates/memcached_sysconfig.erb b/memcached/templates/memcached_sysconfig.erb index 06f953050..825d46061 100644 --- a/memcached/templates/memcached_sysconfig.erb +++ b/memcached/templates/memcached_sysconfig.erb @@ -16,7 +16,12 @@ if @item_size result << '-I ' + @item_size.to_s end result << '-t ' + @processorcount.to_s -if @logfile + +# log to syslog via logger +if @syslog && @logfile.empty? + result << '2>&1 |/bin/logger &' +# log to log file +elsif !@logfile.empty? && !@syslog result << '>> ' + @logfile + ' 2>&1' end -%> diff --git a/module-collectd/templates/plugin/python/module.conf.erb b/module-collectd/templates/plugin/python/module.conf.erb index b34638a33..51716b39d 100644 --- a/module-collectd/templates/plugin/python/module.conf.erb +++ b/module-collectd/templates/plugin/python/module.conf.erb @@ -2,6 +2,6 @@ "> <% @config.sort.each do |key,value| -%> - <%= key -%> <%= value %> - <% end -%> - \ No newline at end of file + <%= key -%> <%= value -%> + <% end %> + diff --git a/mongodb/.travis.yml b/mongodb/.travis.yml index 52e0871be..cbf6f11df 100644 --- a/mongodb/.travis.yml +++ b/mongodb/.travis.yml @@ -14,9 +14,14 @@ matrix: env: PUPPET_GEM_VERSION="~> 3.0" - rvm: 2.1.5 env: PUPPET_GEM_VERSION="~> 3.0" FUTURE_PARSER="yes" + - rvm: 2.1.6 + env: PUPPET_GEM_VERSION="~> 4.0" STRICT_VARIABLES="yes" - rvm: 1.8.7 env: PUPPET_GEM_VERSION="~> 2.7.0" FACTER_GEM_VERSION="~> 1.6.0" - rvm: 1.8.7 env: PUPPET_GEM_VERSION="~> 2.7.0" FACTER_GEM_VERSION="~> 1.7.0" + allow_failures: + - rvm: 2.1.6 + env: PUPPET_GEM_VERSION="~> 4.0" STRICT_VARIABLES="yes" notifications: email: false diff --git a/mysql/.travis.yml b/mysql/.travis.yml index 52e0871be..cbf6f11df 100644 --- a/mysql/.travis.yml +++ b/mysql/.travis.yml @@ -14,9 +14,14 @@ matrix: env: PUPPET_GEM_VERSION="~> 3.0" - rvm: 2.1.5 env: PUPPET_GEM_VERSION="~> 3.0" FUTURE_PARSER="yes" + - rvm: 2.1.6 + env: PUPPET_GEM_VERSION="~> 4.0" STRICT_VARIABLES="yes" - rvm: 1.8.7 env: PUPPET_GEM_VERSION="~> 2.7.0" FACTER_GEM_VERSION="~> 1.6.0" - rvm: 1.8.7 env: PUPPET_GEM_VERSION="~> 2.7.0" FACTER_GEM_VERSION="~> 1.7.0" + allow_failures: + - rvm: 2.1.6 + env: PUPPET_GEM_VERSION="~> 4.0" STRICT_VARIABLES="yes" notifications: email: false diff --git a/mysql/CHANGELOG.md b/mysql/CHANGELOG.md index f24f5c38a..89d2fe836 100644 --- a/mysql/CHANGELOG.md +++ b/mysql/CHANGELOG.md @@ -1,3 +1,34 @@ +##2015-05-19 - Supported Release 3.4.0 +###Summary +This release includes the addition of extra facts, OpenBSD compatibility, and a number of other features, improvements and bug fixes. + +####Features/Improvements +- Added server_id fact which includes mac address for better uniqueness +- Added OpenBSD compatibility, only for 'OpenBSD -current' (due to the recent switch to mariadb) +- Added a $mysql_group parameter, and use that instead of the $root_group parameter to define the group membership of the mysql error log file. +- Updated tests for rspec-puppet 2 and future parser +- Further acceptance testing improvements +- MODULES-1928 - allow log-error to be undef +- Split package installation and database install +- README wording improvements +- Added options for including/excluding triggers and routines +- Made the 'TRIGGER' privilege of mysqldump backups depend on whether or not we are actually backing up triggers +- Cleaned up the privilege assignment in the mysqldump backup script +- Add a fact for capturing the mysql version installed + +####Bugfixes +- mysql backup: fix regression in mysql_user call +- Set service_ensure to undef, in the case of an unmanaged service +- README Typos fixed +- Bugfix on Xtrabackup crons +- Fixed a permission problem that was preventing triggers from being backed up +- MODULES-1981: Revoke and grant difference of old and new privileges +- Fix an issue were we assume triggers work +- Change default for mysql::server::backup to ignore_triggers = false + +####Deprecations +mysql::server::old_root_password property + ##2015-03-03 - Supported Release 3.3.0 ###Summary This release includes major README updates, the addition of backup providers, and a fix for managing the log-bin directory. diff --git a/mysql/README.md b/mysql/README.md index bf5508fe4..0202e05bd 100644 --- a/mysql/README.md +++ b/mysql/README.md @@ -202,11 +202,11 @@ The MySQL root password. Puppet attempts to set the root password and update `/r This is required if `create_root_user` or `create_root_my_cnf` are 'true'. If `root_password` is 'UNSET', then `create_root_user` and `create_root_my_cnf` are assumed to be false --- that is, the MySQL root user and `/root/.my.cnf` are not created. -Password changes are supported however the old password must be set in `/root/.my.cnf`. Effectively, Puppet uses the old password, configured in `/root/my.cnf`, to set the new password in MySQL, then updates `/root/.my.cnf` with the new password. +Password changes are supported; however, the old password must be set in `/root/.my.cnf`. Effectively, Puppet uses the old password, configured in `/root/my.cnf`, to set the new password in MySQL, and then updates `/root/.my.cnf` with the new password. ####`old_root_password` -This parameter no longer does anything. It exists only for backwards compatibility. See the `root_password` parameter for details on changing the root password. +This parameter no longer does anything. It exists only for backwards compatibility. See the `root_password` parameter above for details on changing the root password. #####`override_options` @@ -385,7 +385,7 @@ Whether or not to include routines for each database when doing a `file_per_data #####`include_triggers` -Whether or not to include triggers for a each database when doing a `file_per_database` backup. Defaults to `true`. +Whether or not to include triggers for each database when doing a `file_per_database` backup. Defaults to `false`. #####`ensure` @@ -786,13 +786,13 @@ The library file name. #### `mysql_version` -Determines the MySql version by parsing the output from `mysql --version` +Determines the MySQL version by parsing the output from `mysql --version` #### `mysql_server_id` Generates a unique id, based on the node's MAC address, which can be used as -`server_id`. This fact will *always* return `0` on all nodes which only have -loopback interfaces. Given those nodes' connectivity that's probably okay. +`server_id`. This fact will *always* return `0` on nodes that have only +loopback interfaces. Because those nodes aren't connected to the outside world, this shouldn't cause any conflicts. ##Limitations diff --git a/mysql/manifests/backup/mysqldump.pp b/mysql/manifests/backup/mysqldump.pp index 28d2eeb74..77d5e39f4 100644 --- a/mysql/manifests/backup/mysqldump.pp +++ b/mysql/manifests/backup/mysqldump.pp @@ -12,7 +12,7 @@ $delete_before_dump = false, $backupdatabases = [], $file_per_database = false, - $include_triggers = true, + $include_triggers = false, $include_routines = false, $ensure = 'present', $time = ['23', '5'], @@ -26,7 +26,7 @@ require => Class['mysql::server::root_password'], } - if $include_triggers and versioncmp($::mysql_version, '5.1.5') > 0 { + if $include_triggers { $privs = [ 'SELECT', 'RELOAD', 'LOCK TABLES', 'SHOW VIEW', 'PROCESS', 'TRIGGER' ] } else { $privs = [ 'SELECT', 'RELOAD', 'LOCK TABLES', 'SHOW VIEW', 'PROCESS' ] diff --git a/mysql/manifests/params.pp b/mysql/manifests/params.pp index 549ca04b9..65c344773 100644 --- a/mysql/manifests/params.pp +++ b/mysql/manifests/params.pp @@ -229,18 +229,18 @@ } 'FreeBSD': { - $client_package_name = 'databases/mysql55-client' - $server_package_name = 'databases/mysql55-server' + $client_package_name = 'databases/mysql56-client' + $server_package_name = 'databases/mysql56-server' $basedir = '/usr/local' - $config_file = '/var/db/mysql/my.cnf' - $includedir = '/var/db/mysql/my.cnf.d' + $config_file = '/usr/local/etc/my.cnf' + $includedir = '/usr/local/etc/my.cnf.d' $datadir = '/var/db/mysql' - $log_error = "/var/db/mysql/${::hostname}.err" - $pidfile = '/var/db/mysql/mysql.pid' + $log_error = '/var/log/mysqld.log' + $pidfile = '/var/run/mysql.pid' $root_group = 'wheel' $mysql_group = 'mysql' $server_service_name = 'mysql-server' - $socket = '/tmp/mysql.sock' + $socket = '/var/db/mysql/mysql.sock' $ssl_ca = undef $ssl_cert = undef $ssl_key = undef diff --git a/mysql/manifests/server/backup.pp b/mysql/manifests/server/backup.pp index 554c9a417..94e7732e5 100644 --- a/mysql/manifests/server/backup.pp +++ b/mysql/manifests/server/backup.pp @@ -13,7 +13,7 @@ $backupdatabases = [], $file_per_database = false, $include_routines = false, - $include_triggers = true, + $include_triggers = false, $ensure = 'present', $time = ['23', '5'], $postscript = false, diff --git a/mysql/manifests/server/installdb.pp b/mysql/manifests/server/installdb.pp index de4772e6a..612362611 100644 --- a/mysql/manifests/server/installdb.pp +++ b/mysql/manifests/server/installdb.pp @@ -11,8 +11,7 @@ if $mysql::server::manage_config_file { $install_db_args = "--basedir=${basedir} --defaults-extra-file=${config_file} --datadir=${datadir} --user=${mysqluser}" - } else { - $install_db_args = "--basedir=${basedir} --datadir=${datadir} --user=${mysqluser}" + } exec { 'mysql_install_db': @@ -20,7 +19,7 @@ creates => "${datadir}/mysql", logoutput => on_failure, path => '/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin', - require => Package['mysql-server'], + require => Package[$mysql::server::package_name], } if $mysql::server::restart { diff --git a/mysql/manifests/server/service.pp b/mysql/manifests/server/service.pp index 4d33def68..418ef2a76 100644 --- a/mysql/manifests/server/service.pp +++ b/mysql/manifests/server/service.pp @@ -31,7 +31,7 @@ name => $mysql::server::service_name, enable => $mysql::server::real_service_enabled, provider => $mysql::server::service_provider, - require => Package['mysql-server'], + require => Package[$mysql::server::package_name], } # only establish ordering between config file and service if diff --git a/mysql/metadata.json b/mysql/metadata.json index f98e21641..6573b4bc9 100644 --- a/mysql/metadata.json +++ b/mysql/metadata.json @@ -1,6 +1,6 @@ { "name": "puppetlabs-mysql", - "version": "3.3.0", + "version": "3.4.0", "author": "Puppet Labs", "summary": "Installs, configures, and manages the MySQL service.", "license": "Apache-2.0", diff --git a/mysql/spec/acceptance/mysql_backup_spec.rb b/mysql/spec/acceptance/mysql_backup_spec.rb index 4bc52d257..c33fcf5a8 100644 --- a/mysql/spec/acceptance/mysql_backup_spec.rb +++ b/mysql/spec/acceptance/mysql_backup_spec.rb @@ -1,6 +1,18 @@ require 'spec_helper_acceptance' +require 'puppet' +require 'puppet/util/package' describe 'mysql::server::backup class' do + + def pre_run + apply_manifest("class { 'mysql::server': root_password => 'password' }", :catch_failures => true) + @mysql_version = (on default, 'mysql --version').output.chomp.match(/\d+\.\d+\.\d+/)[0] + end + + def version_is_greater_than(version) + return Puppet::Util::Package.versioncmp(@mysql_version, version) > 0 + end + context 'should work with no errors' do it 'when configuring mysql backups' do pp = <<-EOS @@ -132,6 +144,7 @@ class { 'mysql::server::backup': context 'with triggers and routines' do it 'when configuring mysql backups with triggers and routines' do + pre_run pp = <<-EOS class { 'mysql::server': root_password => 'password' } mysql::db { [ @@ -150,7 +163,7 @@ class { 'mysql::server::backup': backupdir => '/tmp/backups', backupcompress => true, file_per_database => true, - include_triggers => true, + include_triggers => #{version_is_greater_than('5.1.5')}, include_routines => true, postscript => [ 'rm -rf /var/tmp/mysqlbackups', diff --git a/mysql/spec/classes/mysql_server_backup_spec.rb b/mysql/spec/classes/mysql_server_backup_spec.rb index f811ed7e1..ce88ae376 100644 --- a/mysql/spec/classes/mysql_server_backup_spec.rb +++ b/mysql/spec/classes/mysql_server_backup_spec.rb @@ -4,7 +4,7 @@ on_pe_supported_platforms(PLATFORMS).each do |pe_version,pe_platforms| pe_platforms.each do |pe_platform,facts| describe "on #{pe_version} #{pe_platform}" do - let(:facts) { {'mysql_version' => '5.1.6'}.merge(facts) } + let(:facts) { facts } let(:default_params) { { 'backupuser' => 'testuser', @@ -24,20 +24,15 @@ :require => 'Class[Mysql::Server::Root_password]') } it { is_expected.to contain_mysql_grant('testuser@localhost/*.*').with( - :privileges => ['SELECT', 'RELOAD', 'LOCK TABLES', 'SHOW VIEW', 'PROCESS', 'TRIGGER'] + :privileges => ['SELECT', 'RELOAD', 'LOCK TABLES', 'SHOW VIEW', 'PROCESS'] ).that_requires('Mysql_user[testuser@localhost]') } - context 'mysql < 5.1.6' do - let(:facts) { {'mysql_version' => '5.0.95'}.merge(facts) } - it { is_expected.to contain_mysql_grant('testuser@localhost/*.*').with( - :privileges => ['SELECT', 'RELOAD', 'LOCK TABLES', 'SHOW VIEW', 'PROCESS'] - ).that_requires('Mysql_user[testuser@localhost]') } - end - context 'with triggers excluded' do + + context 'with triggers included' do let(:params) do - { :include_triggers => false }.merge(default_params) + { :include_triggers => true }.merge(default_params) end it { is_expected.to contain_mysql_grant('testuser@localhost/*.*').with( - :privileges => ['SELECT', 'RELOAD', 'LOCK TABLES', 'SHOW VIEW', 'PROCESS'] + :privileges => ['SELECT', 'RELOAD', 'LOCK TABLES', 'SHOW VIEW', 'PROCESS', 'TRIGGER'] ).that_requires('Mysql_user[testuser@localhost]') } end @@ -158,9 +153,9 @@ ) end - it 'should backup triggers by default' do + it 'should skip backup triggers by default' do is_expected.to contain_file('mysqlbackup.sh').with_content( - /ADDITIONAL_OPTIONS="\$ADDITIONAL_OPTIONS --triggers"/ + /ADDITIONAL_OPTIONS="\$ADDITIONAL_OPTIONS --skip-triggers"/ ) end @@ -255,9 +250,9 @@ end end - it 'should backup triggers by default' do + it 'should skip backup triggers by default' do is_expected.to contain_file('mysqlbackup.sh').with_content( - /ADDITIONAL_OPTIONS="\$ADDITIONAL_OPTIONS --triggers"/ + /ADDITIONAL_OPTIONS="\$ADDITIONAL_OPTIONS --skip-triggers"/ ) end @@ -280,15 +275,6 @@ /ADDITIONAL_OPTIONS="\$ADDITIONAL_OPTIONS --triggers"/ ) end - describe 'mysql_version < 5.0.11' do - let(:facts) { facts.merge({'mysql_version' => '5.0.10'}) } - it 'should backup triggers when asked' do - is_expected.to contain_file('mysqlbackup.sh').with_content( - /ADDITIONAL_OPTIONS="\$ADDITIONAL_OPTIONS --triggers"/ - ) - end - end - end context 'with include_triggers set to false' do diff --git a/neutron/lib/puppet/provider/neutron.rb b/neutron/lib/puppet/provider/neutron.rb index f73bae997..4313e2f06 100644 --- a/neutron/lib/puppet/provider/neutron.rb +++ b/neutron/lib/puppet/provider/neutron.rb @@ -124,7 +124,7 @@ def self.list_neutron_resources(type) list = auth_neutron("#{type}-list", '--format=csv', '--column=id', '--quote=none') if list.nil? - raise(Puppet::ExecutionFailure, "Can't retrieve #{type}-list because Neutron or Keystone API is not avalaible.") + raise(Puppet::ExecutionFailure, "Can't retrieve #{type}-list because Neutron or Keystone API is not available.") end (list.split("\n")[1..-1] || []).compact.collect do |line| @@ -137,7 +137,7 @@ def self.get_neutron_resource_attrs(type, id) attrs = {} net = auth_neutron("#{type}-show", '--format=shell', id) if net.nil? - raise(Puppet::ExecutionFailure, "Can't retrieve #{type}-show because Neutron or Keystone API is not avalaible.") + raise(Puppet::ExecutionFailure, "Can't retrieve #{type}-show because Neutron or Keystone API is not available.") end last_key = nil diff --git a/neutron/manifests/agents/l3.pp b/neutron/manifests/agents/l3.pp index 564f27ced..2e3fb2f53 100644 --- a/neutron/manifests/agents/l3.pp +++ b/neutron/manifests/agents/l3.pp @@ -164,7 +164,7 @@ } if $network_device_mtu { - warning('The neutron::l3_agent::network_device_mtu parameter is deprecated, use neutron::network_device_mtu instead.') + warning('The neutron::agents::l3::network_device_mtu parameter is deprecated, use neutron::network_device_mtu instead.') neutron_l3_agent_config { 'DEFAULT/network_device_mtu': value => $network_device_mtu; } diff --git a/neutron/spec/acceptance/basic_neutron_spec.rb b/neutron/spec/acceptance/basic_neutron_spec.rb index de377a832..a3938c3d9 100644 --- a/neutron/spec/acceptance/basic_neutron_spec.rb +++ b/neutron/spec/acceptance/basic_neutron_spec.rb @@ -9,17 +9,10 @@ Exec { logoutput => 'on_failure' } include ::apt - apt::source { 'trusty-updates-kilo': - location => 'http://ubuntu-cloud.archive.canonical.com/ubuntu/', - release => 'trusty-updates', - required_packages => 'ubuntu-cloud-keyring', - repos => 'kilo/main', - trusted_source => true, - } ~> - exec { '/usr/bin/apt-get -y dist-upgrade': - refreshonly => true, + class { '::openstack_extras::repo::debian::ubuntu': + release => 'kilo', + package_require => true, } - Apt::Source['trusty-updates-kilo'] -> Package<| |> class { '::mysql::server': } diff --git a/neutron/spec/spec_helper_acceptance.rb b/neutron/spec/spec_helper_acceptance.rb index 14c814570..c110059a9 100644 --- a/neutron/spec/spec_helper_acceptance.rb +++ b/neutron/spec/spec_helper_acceptance.rb @@ -37,6 +37,7 @@ shell('git clone https://git.openstack.org/stackforge/puppet-openstacklib /etc/puppet/modules/openstacklib') shell('git clone https://git.openstack.org/stackforge/puppet-vswitch /etc/puppet/modules/vswitch') shell('git clone https://git.openstack.org/stackforge/puppet-keystone /etc/puppet/modules/keystone') + shell('git clone https://git.openstack.org/stackforge/puppet-openstack_extras /etc/puppet/modules/openstack_extras') # Install the module being tested puppet_module_install(:source => proj_root, :module_name => 'neutron') diff --git a/neutron/spec/unit/provider/neutron_spec.rb b/neutron/spec/unit/provider/neutron_spec.rb index fa10d9683..d27abddeb 100644 --- a/neutron/spec/unit/provider/neutron_spec.rb +++ b/neutron/spec/unit/provider/neutron_spec.rb @@ -29,7 +29,7 @@ def klass end let :exec_error do - /Neutron or Keystone API is not avalaible/ + /Neutron or Keystone API is not available/ end after :each do diff --git a/nova/Gemfile b/nova/Gemfile index 571fd65dc..4c65317ac 100644 --- a/nova/Gemfile +++ b/nova/Gemfile @@ -3,6 +3,7 @@ source 'https://rubygems.org' group :development, :test do gem 'puppetlabs_spec_helper', :require => false gem 'rspec-puppet', '~> 2.1.0', :require => false + gem 'minitest', '~> 4.7', :require => 'minitest/unit' gem 'metadata-json-lint' gem 'puppet-lint-param-docs' diff --git a/nova/README.md b/nova/README.md index c6b3797a9..85635bd76 100644 --- a/nova/README.md +++ b/nova/README.md @@ -88,13 +88,17 @@ Beaker-Rspec This module has beaker-rspec tests -To run: +To run the tests on the default vagrant node: ```shell bundle install -BEAKER_setfile=default bundle exec rspec spec/acceptance +bundle exec rspec spec/acceptance ``` +For more information on writing and running beaker-rspec tests visit the documentation: + +* https://github.com/puppetlabs/beaker/wiki/How-to-Write-a-Beaker-Test-for-a-Module + Contributors ------------ diff --git a/nova/manifests/compute/libvirt.pp b/nova/manifests/compute/libvirt.pp index 04852ade1..14a24ec84 100644 --- a/nova/manifests/compute/libvirt.pp +++ b/nova/manifests/compute/libvirt.pp @@ -125,10 +125,10 @@ service { 'messagebus': ensure => running, enable => true, + name => $::nova::params::messagebus_service_name, provider => $::nova::params::special_service_provider, } Package['libvirt'] -> Service['messagebus'] -> Service['libvirt'] - } if $migration_support { diff --git a/nova/manifests/compute/rbd.pp b/nova/manifests/compute/rbd.pp index c0c89a45e..190863a18 100644 --- a/nova/manifests/compute/rbd.pp +++ b/nova/manifests/compute/rbd.pp @@ -74,7 +74,8 @@ } file { '/etc/nova/secret.xml': - content => template('nova/secret.xml-compute.erb') + content => template('nova/secret.xml-compute.erb'), + require => Class['::nova'] } exec { 'get-or-set virsh secret': diff --git a/nova/manifests/params.pp b/nova/manifests/params.pp index 50f9b014f..5e491f4ef 100644 --- a/nova/manifests/params.pp +++ b/nova/manifests/params.pp @@ -49,8 +49,10 @@ } 'RedHat', 'CentOS', 'Scientific', 'OracleLinux': { if (versioncmp($::operatingsystemmajrelease, '7') < 0) { + $messagebus_service_name = 'messagebus' $special_service_provider = 'init' } else { + $messagebus_service_name = 'dbus' $special_service_provider = undef } } diff --git a/nova/spec/acceptance/basic_nova_spec.rb b/nova/spec/acceptance/basic_nova_spec.rb index f18dc51cc..190b3c1a1 100644 --- a/nova/spec/acceptance/basic_nova_spec.rb +++ b/nova/spec/acceptance/basic_nova_spec.rb @@ -8,27 +8,42 @@ pp= <<-EOS Exec { logoutput => 'on_failure' } - include ::apt - # some packages are not autoupgraded in trusty. - # it will be fixed in liberty, but broken in kilo. - $need_to_be_upgraded = ['python-tz', 'python-pbr'] - apt::source { 'trusty-updates-kilo': - location => 'http://ubuntu-cloud.archive.canonical.com/ubuntu/', - release => 'trusty-updates', - required_packages => 'ubuntu-cloud-keyring', - repos => 'kilo/main', - trusted_source => true, - } ~> - exec { '/usr/bin/apt-get -y dist-upgrade': - refreshonly => true, + # Common resources + case $::osfamily { + 'Debian': { + include ::apt + class { '::openstack_extras::repo::debian::ubuntu': + release => 'kilo', + package_require => true, + } + $package_provider = 'apt' + } + 'RedHat': { + class { '::openstack_extras::repo::redhat::redhat': + # Kilo is not GA yet, so let's use the testing repo + manage_rdo => false, + repo_hash => { + 'rdo-kilo-testing' => { + 'baseurl' => 'https://repos.fedorapeople.org/repos/openstack/openstack-kilo/testing/el7/', + # packages are not GA so not signed + 'gpgcheck' => '0', + 'priority' => 97, + }, + }, + } + $package_provider = 'yum' + } + default: { + fail("Unsupported osfamily (${::osfamily})") + } } - Apt::Source['trusty-updates-kilo'] -> Package<| |> class { '::mysql::server': } class { '::rabbitmq': delete_guest_user => true, erlang_cookie => 'secrete', + package_provider => $package_provider, } rabbitmq_vhost { '/': diff --git a/nova/spec/acceptance/nodesets/default.yml b/nova/spec/acceptance/nodesets/default.yml index a2c1ecc63..cba1cd04c 100644 --- a/nova/spec/acceptance/nodesets/default.yml +++ b/nova/spec/acceptance/nodesets/default.yml @@ -1,9 +1,11 @@ HOSTS: - ubuntu-14.04-amd64: + ubuntu-server-1404-x64: roles: - master platform: ubuntu-14.04-amd64 - hypervisor : none - ip: 127.0.0.1 + box : puppetlabs/ubuntu-14.04-64-nocm + box_url : https://vagrantcloud.com/puppetlabs/ubuntu-14.04-64-nocm + hypervisor : vagrant CONFIG: - type: foss + log_level : debug + type: git diff --git a/nova/spec/acceptance/nodesets/nodepool-centos7.yml b/nova/spec/acceptance/nodesets/nodepool-centos7.yml new file mode 100644 index 000000000..aed4f0b26 --- /dev/null +++ b/nova/spec/acceptance/nodesets/nodepool-centos7.yml @@ -0,0 +1,9 @@ +HOSTS: + centos-70-x64: + roles: + - master + platform: el-7-x86_64 + hypervisor : none + ip: 127.0.0.1 +CONFIG: + type: foss diff --git a/openstacklib/spec/acceptance/nodesets/nodepool.yml b/nova/spec/acceptance/nodesets/nodepool-trusty.yml similarity index 100% rename from openstacklib/spec/acceptance/nodesets/nodepool.yml rename to nova/spec/acceptance/nodesets/nodepool-trusty.yml diff --git a/nova/spec/acceptance/nodesets/ubuntu-server-1404-x64.yml b/nova/spec/acceptance/nodesets/ubuntu-server-1404-x64.yml new file mode 100644 index 000000000..cba1cd04c --- /dev/null +++ b/nova/spec/acceptance/nodesets/ubuntu-server-1404-x64.yml @@ -0,0 +1,11 @@ +HOSTS: + ubuntu-server-1404-x64: + roles: + - master + platform: ubuntu-14.04-amd64 + box : puppetlabs/ubuntu-14.04-64-nocm + box_url : https://vagrantcloud.com/puppetlabs/ubuntu-14.04-64-nocm + hypervisor : vagrant +CONFIG: + log_level : debug + type: git diff --git a/nova/spec/classes/nova_compute_libvirt_spec.rb b/nova/spec/classes/nova_compute_libvirt_spec.rb index 7a75e0687..a2795f3d2 100644 --- a/nova/spec/classes/nova_compute_libvirt_spec.rb +++ b/nova/spec/classes/nova_compute_libvirt_spec.rb @@ -98,9 +98,9 @@ :migration_support => true } end - it { should contain_class('nova::migration::libvirt')} - it { should contain_nova_config('DEFAULT/vncserver_listen').with_value('::0')} - it { should contain_file_line('/etc/default/libvirt-bin libvirtd opts').with(:line => 'libvirtd_opts="-d -l"') } + it { is_expected.to contain_class('nova::migration::libvirt')} + it { is_expected.to contain_nova_config('DEFAULT/vncserver_listen').with_value('::0')} + it { is_expected.to contain_file_line('/etc/default/libvirt-bin libvirtd opts').with(:line => 'libvirtd_opts="-d -l"') } end context 'with vncserver_listen not set to 0.0.0.0' do @@ -154,7 +154,8 @@ :ensure => 'running', :enable => true, :before => 'Service[libvirt]', - :provider => 'init' + :provider => 'init', + :name => 'messagebus' ) } describe 'on rhel 7' do @@ -168,7 +169,8 @@ )} it { is_expected.to contain_service('messagebus').with( - :provider => nil + :provider => nil, + :name => 'dbus' )} end diff --git a/nova/spec/spec_helper_acceptance.rb b/nova/spec/spec_helper_acceptance.rb index d8b6c669e..19d51c115 100644 --- a/nova/spec/spec_helper_acceptance.rb +++ b/nova/spec/spec_helper_acceptance.rb @@ -31,13 +31,18 @@ on host, puppet('module','install','duritong/sysctl'), { :acceptable_exit_codes => 0 } on host, puppet('module','install','puppetlabs-inifile'), { :acceptable_exit_codes => 0 } on host, puppet('module','install','stahnma-epel'), { :acceptable_exit_codes => 0 } - on host, puppet('module','install','puppetlabs-rabbitmq'), { :acceptable_exit_codes => 0 } + # pin apt module until openstack_extras use >= 2.0.0 version + on host, puppet('module','install','puppetlabs-apt','--version','1.8.0'), { :acceptable_exit_codes => 0 } # install puppet modules from git, use master shell('git clone https://git.openstack.org/stackforge/puppet-openstacklib /etc/puppet/modules/openstacklib') + shell('git clone https://git.openstack.org/stackforge/puppet-openstack_extras /etc/puppet/modules/openstack_extras') shell('git clone https://git.openstack.org/stackforge/puppet-keystone /etc/puppet/modules/keystone') shell('git clone https://git.openstack.org/stackforge/puppet-cinder /etc/puppet/modules/cinder') shell('git clone https://git.openstack.org/stackforge/puppet-glance /etc/puppet/modules/glance') + # TODO(EmilienM) Cloning RabbitMQ module for now because we wait for a release including + # https://github.com/enovance/puppetlabs-rabbitmq/commit/0227f762070ffbbea3c28d6a60174de98fa4cc1c + shell('git clone https://github.com/puppetlabs/puppetlabs-rabbitmq/ /etc/puppet/modules/rabbitmq') # Install the module being tested puppet_module_install(:source => proj_root, :module_name => 'nova') diff --git a/nova/templates/secret.xml-compute.erb b/nova/templates/secret.xml-compute.erb index a17d70e05..c772552b3 100644 --- a/nova/templates/secret.xml-compute.erb +++ b/nova/templates/secret.xml-compute.erb @@ -1,6 +1,6 @@ - <%= rbd_keyring %> secret + <%= @rbd_keyring %> secret <%= @libvirt_rbd_secret_uuid %> diff --git a/ntp/.travis.yml b/ntp/.travis.yml index 52e0871be..cbf6f11df 100644 --- a/ntp/.travis.yml +++ b/ntp/.travis.yml @@ -14,9 +14,14 @@ matrix: env: PUPPET_GEM_VERSION="~> 3.0" - rvm: 2.1.5 env: PUPPET_GEM_VERSION="~> 3.0" FUTURE_PARSER="yes" + - rvm: 2.1.6 + env: PUPPET_GEM_VERSION="~> 4.0" STRICT_VARIABLES="yes" - rvm: 1.8.7 env: PUPPET_GEM_VERSION="~> 2.7.0" FACTER_GEM_VERSION="~> 1.6.0" - rvm: 1.8.7 env: PUPPET_GEM_VERSION="~> 2.7.0" FACTER_GEM_VERSION="~> 1.7.0" + allow_failures: + - rvm: 2.1.6 + env: PUPPET_GEM_VERSION="~> 4.0" STRICT_VARIABLES="yes" notifications: email: false diff --git a/ntp/CHANGELOG.md b/ntp/CHANGELOG.md index 45db969d1..b34a9e610 100644 --- a/ntp/CHANGELOG.md +++ b/ntp/CHANGELOG.md @@ -1,18 +1,34 @@ -## 2015-xx-xx - Supported Release 4.0.0 +## 2015-05-26 - Supported Release 4.0.0 ### Summary -This release drops puppet 2.7 support and older stdlib support. +This release drops puppet 2.7 support and older stdlib support. It also includes the addition of 12 new properties, as well as numerous bug fixes and other improvements. #### Backwards-incompatible changes - UDLC (Undisciplined local clock) is now no longer enabled by default on anything (previous was enabled on non-virtual). - Puppet 2.7 no longer supported - puppetlabs-stdlib less than 4.5.0 no longer supported -- TODO: The `keys_file` parent directory is no longer managed by puppet #### Features -- TODO +- Readme, Metadata, and Contribution documentation improvements +- Acceptance test improvements +- Added the `broadcastclient` property +- Added the `disable_auth` property +- Added `broadcastclient` property +- Added `disable_auth` property +- Added `fudge` property +- Added `peers` property +- Added `udlc_stratum` property +- Added `tinker` property +- Added `minpoll` property +- Added `maxpoll` property +- Added `stepout` property +- Added `leapfile` property #### Bugfixes -- TODO +- Removing equal sign as delimiter in ntp.conf for the logfile parameter. +- Add package_manage parameter, which is set to false by default on FreeBSD +- Fixed an issue with the `is_virtual` property +- Fixed debian wheezy issue +- Fix for Redhat to disable ntp restart due to dhcp ntp server updates ##2014-11-04 - Supported Release 3.3.0 ###Summary diff --git a/ntp/metadata.json b/ntp/metadata.json index 96366b7bb..e3515d3e9 100644 --- a/ntp/metadata.json +++ b/ntp/metadata.json @@ -1,6 +1,6 @@ { "name": "puppetlabs-ntp", - "version": "3.3.0", + "version": "4.0.0", "author": "Puppet Labs", "summary": "Installs, configures, and manages the NTP service.", "license": "Apache Version 2.0", diff --git a/openstacklib/Gemfile b/openstacklib/Gemfile index 3e2f53f76..c160caceb 100644 --- a/openstacklib/Gemfile +++ b/openstacklib/Gemfile @@ -3,6 +3,7 @@ source 'https://rubygems.org' group :development, :test do gem 'puppetlabs_spec_helper', :require => false gem 'rspec-puppet', '~> 2.1.0', :require => false + gem 'minitest', '~> 4.7', :require => 'minitest/unit' gem 'puppet-lint', '~> 1.1.0' gem 'metadata-json-lint' diff --git a/openstacklib/spec/acceptance/mysql_spec.rb b/openstacklib/spec/acceptance/mysql_spec.rb index 44366e1c2..590a17a64 100644 --- a/openstacklib/spec/acceptance/mysql_spec.rb +++ b/openstacklib/spec/acceptance/mysql_spec.rb @@ -25,7 +25,7 @@ class { '::mysql::server': } it { is_expected.to be_listening.with('tcp') } end - describe command("mysql --defaults-file=/root/.my.cnf -e 'show databases;' | grep -q beaker") do + describe command("mysql -e 'show databases;' | grep -q beaker") do it { should return_exit_status 0 } end diff --git a/openstacklib/spec/acceptance/nodesets/nodepool-centos7.yml b/openstacklib/spec/acceptance/nodesets/nodepool-centos7.yml new file mode 100644 index 000000000..aed4f0b26 --- /dev/null +++ b/openstacklib/spec/acceptance/nodesets/nodepool-centos7.yml @@ -0,0 +1,9 @@ +HOSTS: + centos-70-x64: + roles: + - master + platform: el-7-x86_64 + hypervisor : none + ip: 127.0.0.1 +CONFIG: + type: foss diff --git a/sahara/spec/acceptance/nodesets/nodepool.yml b/openstacklib/spec/acceptance/nodesets/nodepool-trusty.yml similarity index 100% rename from sahara/spec/acceptance/nodesets/nodepool.yml rename to openstacklib/spec/acceptance/nodesets/nodepool-trusty.yml diff --git a/openstacklib/spec/acceptance/rabbitmq_spec.rb b/openstacklib/spec/acceptance/rabbitmq_spec.rb index 98e1cb4fc..4b82b8222 100644 --- a/openstacklib/spec/acceptance/rabbitmq_spec.rb +++ b/openstacklib/spec/acceptance/rabbitmq_spec.rb @@ -8,9 +8,29 @@ pp= <<-EOS Exec { logoutput => 'on_failure' } + if $::osfamily == 'RedHat' { + # RabbitMQ is not available in default repo + class { '::openstack_extras::repo::redhat::redhat': + # Kilo is not GA yet, so let's use the testing repo + manage_rdo => false, + repo_hash => { + 'rdo-kilo-testing' => { + 'baseurl' => 'https://repos.fedorapeople.org/repos/openstack/openstack-kilo/testing/el7/', + # packages are not GA so not signed + 'gpgcheck' => '0', + 'priority' => 97, + }, + }, + } + $package_provider = 'yum' + } else { + $package_provider = 'apt' + } + class { '::rabbitmq': delete_guest_user => true, erlang_cookie => 'secrete', + package_provider => $package_provider } # openstacklib resources diff --git a/openstacklib/spec/spec_helper_acceptance.rb b/openstacklib/spec/spec_helper_acceptance.rb index 52d84d2d7..6072dde1f 100644 --- a/openstacklib/spec/spec_helper_acceptance.rb +++ b/openstacklib/spec/spec_helper_acceptance.rb @@ -32,6 +32,7 @@ on host, puppet('module','install','stahnma-epel'), { :acceptable_exit_codes => 0 } # until https://github.com/tamaskozak/puppetlabs-rabbitmq/commit/8bbfe320035fae2ae900211501008d63dc3c171c is part of a release shell('git clone https://github.com/puppetlabs/puppetlabs-rabbitmq /etc/puppet/modules/rabbitmq') + shell('git clone https://git.openstack.org/stackforge/puppet-openstack_extras /etc/puppet/modules/openstack_extras') # Install the module being tested puppet_module_install(:source => proj_root, :module_name => 'openstacklib') # List modules installed to help with debugging diff --git a/rabbitmq/.travis.yml b/rabbitmq/.travis.yml index ecf7d9076..742380f6b 100644 --- a/rabbitmq/.travis.yml +++ b/rabbitmq/.travis.yml @@ -14,5 +14,10 @@ matrix: env: PUPPET_GEM_VERSION="~> 3.0" - rvm: 2.1.5 env: PUPPET_GEM_VERSION="~> 3.0" FUTURE_PARSER="yes" + - rvm: 2.1.6 + env: PUPPET_GEM_VERSION="~> 4.0" STRICT_VARIABLES="yes" + allow_failures: + - rvm: 2.1.6 + env: PUPPET_GEM_VERSION="~> 4.0" STRICT_VARIABLES="yes" notifications: email: false diff --git a/rabbitmq/CHANGELOG.md b/rabbitmq/CHANGELOG.md index 85055ddd4..9800626d7 100644 --- a/rabbitmq/CHANGELOG.md +++ b/rabbitmq/CHANGELOG.md @@ -1,3 +1,14 @@ +## 2015-05-26 - Version 5.2.1 +###Summary +This release includes a fix for idempotency between puppet runs, as well as Readme updates + +####Features +- Readme updates +- Testing updates + +####Bugfixes +- Ensure idempotency between Puppet runs + ## 2015-04-28 - Version 5.2.0 ###Summary This release adds several new features for expanded configuration, support for SSL Ciphers, several bugfixes, and improved tests. diff --git a/rabbitmq/README.md b/rabbitmq/README.md index ba56d0e8b..72c1ea03a 100644 --- a/rabbitmq/README.md +++ b/rabbitmq/README.md @@ -442,7 +442,7 @@ rabbitmq_user { 'dan': query all current vhosts: `$ puppet resource rabbitmq_vhost` ```puppet -rabbitmq_vhost { 'myhost': +rabbitmq_vhost { 'myvhost': ensure => present, } ``` @@ -450,7 +450,7 @@ rabbitmq_vhost { 'myhost': ### rabbitmq\_exchange ```puppet -rabbitmq_exchange { 'myexchange@myhost': +rabbitmq_exchange { 'myexchange@myvhost': user => 'dan', password => 'bar', type => 'topic', @@ -467,7 +467,7 @@ rabbitmq_exchange { 'myexchange@myhost': ### rabbitmq\_queue ```puppet -rabbitmq_queue { 'myqueue@myhost': +rabbitmq_queue { 'myqueue@myvhost': user => 'dan', password => 'bar', durable => true, @@ -483,7 +483,7 @@ rabbitmq_queue { 'myqueue@myhost': ### rabbitmq\_binding ```puppet -rabbitmq_binding { 'myexchange@myqueue@myhost': +rabbitmq_binding { 'myexchange@myqueue@myvhost': user => 'dan', password => 'bar', destination_type => 'queue', @@ -496,7 +496,7 @@ rabbitmq_binding { 'myexchange@myqueue@myhost': ### rabbitmq\_user\_permissions ```puppet -rabbitmq_user_permissions { 'dan@myhost': +rabbitmq_user_permissions { 'dan@myvhost': configure_permission => '.*', read_permission => '.*', write_permission => '.*', @@ -506,7 +506,7 @@ rabbitmq_user_permissions { 'dan@myhost': ### rabbitmq\_policy ```puppet -rabbitmq_policy { 'ha-all@myhost': +rabbitmq_policy { 'ha-all@myvhost': pattern => '.*', priority => 0, applyto => 'all', diff --git a/rabbitmq/manifests/config.pp b/rabbitmq/manifests/config.pp index 5e3f1ef6e..159ae68db 100644 --- a/rabbitmq/manifests/config.pp +++ b/rabbitmq/manifests/config.pp @@ -120,10 +120,11 @@ 'RedHat': { if versioncmp($::operatingsystemmajrelease, '7') >= 0 { file { '/etc/systemd/system/rabbitmq-server.service.d': - ensure => directory, - owner => '0', - group => '0', - mode => '0755', + ensure => directory, + owner => '0', + group => '0', + mode => '0755', + selinux_ignore_defaults => true, } -> file { '/etc/systemd/system/rabbitmq-server.service.d/limits.conf': content => template('rabbitmq/rabbitmq-server.service.d/limits.conf'), diff --git a/rabbitmq/metadata.json b/rabbitmq/metadata.json index d7d4133df..945a26f47 100644 --- a/rabbitmq/metadata.json +++ b/rabbitmq/metadata.json @@ -1,6 +1,6 @@ { "name": "puppetlabs-rabbitmq", - "version": "5.2.0", + "version": "5.2.1", "author": "puppetlabs", "summary": "Installs, configures, and manages RabbitMQ.", "license": "Apache-2.0", diff --git a/rabbitmq/spec/classes/rabbitmq_spec.rb b/rabbitmq/spec/classes/rabbitmq_spec.rb index 9ba29f76a..675a8759e 100644 --- a/rabbitmq/spec/classes/rabbitmq_spec.rb +++ b/rabbitmq/spec/classes/rabbitmq_spec.rb @@ -252,10 +252,11 @@ let(:facts) {{ :osfamily => 'RedHat', :operatingsystemmajrelease => '7' }} it { should contain_file('/etc/systemd/system/rabbitmq-server.service.d').with( - 'ensure' => 'directory', - 'owner' => '0', - 'group' => '0', - 'mode' => '0755' + 'ensure' => 'directory', + 'owner' => '0', + 'group' => '0', + 'mode' => '0755', + 'selinux_ignore_defaults' => true ) } it { should contain_exec('rabbitmq-systemd-reload').with( diff --git a/redis/manifests/init.pp b/redis/manifests/init.pp index 1b0f90ad8..2dafce8d7 100644 --- a/redis/manifests/init.pp +++ b/redis/manifests/init.pp @@ -234,6 +234,11 @@ # # Default: undef # +# [*service_manage*] +# Specify if the service should be part of the catalog. +# +# Default: true +# # [*service_enable*] # Enable/disable daemon at boot. # @@ -402,6 +407,7 @@ $repl_ping_slave_period = $::redis::params::repl_ping_slave_period, $repl_timeout = $::redis::params::repl_timeout, $requirepass = $::redis::params::requirepass, + $service_manage = $::redis::params::service_manage, $service_enable = $::redis::params::service_enable, $service_ensure = $::redis::params::service_ensure, $service_group = $::redis::params::service_group, diff --git a/redis/manifests/params.pp b/redis/manifests/params.pp index e0a6564bc..2a2cbaa1a 100644 --- a/redis/manifests/params.pp +++ b/redis/manifests/params.pp @@ -86,6 +86,7 @@ $sentinel_init_script = '/etc/init.d/redis-sentinel' $sentinel_package_name = 'redis-server' $sentinel_package_ensure = 'present' + $service_manage = true $service_enable = true $service_ensure = 'running' $service_group = 'redis' @@ -112,6 +113,7 @@ $sentinel_init_script = undef $sentinel_package_name = 'redis' $sentinel_package_ensure = 'present' + $service_manage = true $service_enable = true $service_ensure = 'running' $service_group = 'redis' @@ -137,6 +139,7 @@ $sentinel_init_script = undef $sentinel_package_name = 'redis' $sentinel_package_ensure = 'present' + $service_manage = true $service_enable = true $service_ensure = 'running' $service_group = 'redis' @@ -162,6 +165,7 @@ $sentinel_init_script = undef $sentinel_package_name = 'redis' $sentinel_package_ensure = 'present' + $service_manage = true $service_enable = true $service_ensure = 'running' $service_group = 'redis' diff --git a/redis/manifests/service.pp b/redis/manifests/service.pp index 7ab7752e1..53ae7ffbf 100644 --- a/redis/manifests/service.pp +++ b/redis/manifests/service.pp @@ -3,11 +3,13 @@ # This class manages the Redis daemon. # class redis::service { - service { $::redis::service_name: - ensure => $::redis::service_ensure, - enable => $::redis::service_enable, - hasrestart => $::redis::service_hasrestart, - hasstatus => $::redis::service_hasstatus, + if $::redis::service_manage { + service { $::redis::service_name: + ensure => $::redis::service_ensure, + enable => $::redis::service_enable, + hasrestart => $::redis::service_hasrestart, + hasstatus => $::redis::service_hasstatus, + } } } diff --git a/redis/spec/classes/redis_spec.rb b/redis/spec/classes/redis_spec.rb index b621392c9..f8120b7ce 100644 --- a/redis/spec/classes/redis_spec.rb +++ b/redis/spec/classes/redis_spec.rb @@ -502,6 +502,12 @@ } end + describe 'with parameter: service_manage (set to false)' do + let (:params) { { :service_manage => false } } + + it { should_not contain_service('redis-server') } + end + describe 'with parameter: service_enable' do let (:params) { { :service_enable => true } } diff --git a/sahara/Gemfile b/sahara/Gemfile index 7d591ff81..f36bf808f 100644 --- a/sahara/Gemfile +++ b/sahara/Gemfile @@ -3,6 +3,7 @@ source 'https://rubygems.org' group :development, :test do gem 'puppetlabs_spec_helper', :require => false gem 'rspec-puppet', '~> 2.1.0', :require => false + gem 'minitest', '~> 4.7', :require => 'minitest/unit' gem 'metadata-json-lint' gem 'puppet-lint-param-docs' diff --git a/sahara/manifests/init.pp b/sahara/manifests/init.pp index 4e0acfed5..dfe4e73e6 100644 --- a/sahara/manifests/init.pp +++ b/sahara/manifests/init.pp @@ -102,22 +102,48 @@ include ::sahara::params include ::sahara::policy + if $::osfamily == 'RedHat' { + $group_require = Package['sahara'] + $dir_require = Package['sahara'] + $conf_require = Package['sahara'] + } else { + # TO-DO(mmagr): This hack has to be removed as soon as following bug + # is fixed. On Ubuntu sahara-trove is not installable because it needs + # running database and prefilled sahara.conf in order to install package: + # https://bugs.launchpad.net/ubuntu/+source/sahara/+bug/1452698 + Sahara_config<| |> -> Package['sahara'] + + $group_require = undef + $dir_require = Group['sahara'] + $conf_require = File['/etc/sahara'] + } group { 'sahara': - ensure => 'present', - name => 'sahara', + ensure => 'present', + name => 'sahara', + system => true, + require => $group_require } - file { '/etc/sahara/': - ensure => directory, - owner => 'root', - group => 'sahara', + user { 'sahara': + ensure => 'present', + gid => 'sahara', + system => true, require => Group['sahara'] } + file { '/etc/sahara/': + ensure => directory, + owner => 'root', + group => 'sahara', + require => $dir_require, + selinux_ignore_defaults => true + } + file { '/etc/sahara/sahara.conf': - owner => 'root', - group => 'sahara', - require => File['/etc/sahara'] + owner => 'root', + group => 'sahara', + require => $conf_require, + selinux_ignore_defaults => true } package { 'sahara': @@ -133,7 +159,6 @@ # then we install Sahara. This is a very ugly hack to fix packaging issue. # https://bugs.launchpad.net/cloud-archive/+bug/1450945 File['/etc/sahara/sahara.conf'] -> Sahara_config<| |> - Sahara_config<| |> -> Package['sahara'] Package['sahara'] -> Class['sahara::policy'] @@ -224,9 +249,9 @@ exec { 'sahara-dbmanage': command => $::sahara::params::dbmanage_command, path => '/usr/bin', - user => 'root', + user => 'sahara', refreshonly => true, - subscribe => [Package['sahara'],Sahara_config['database/connection']], + subscribe => [Package['sahara'], Sahara_config['database/connection']], logoutput => on_failure, } diff --git a/sahara/spec/acceptance/basic_sahara_spec.rb b/sahara/spec/acceptance/basic_sahara_spec.rb index dc99e02a3..e3a16fbcf 100644 --- a/sahara/spec/acceptance/basic_sahara_spec.rb +++ b/sahara/spec/acceptance/basic_sahara_spec.rb @@ -8,27 +8,42 @@ pp= <<-EOS Exec { logoutput => 'on_failure' } - include ::apt - # some packages are not autoupgraded in trusty. - # it will be fixed in liberty, but broken in kilo. - $need_to_be_upgraded = ['python-tz', 'python-pbr'] - apt::source { 'trusty-updates-kilo': - location => 'http://ubuntu-cloud.archive.canonical.com/ubuntu/', - release => 'trusty-updates', - required_packages => 'ubuntu-cloud-keyring', - repos => 'kilo/main', - trusted_source => true, - } ~> - exec { '/usr/bin/apt-get -y dist-upgrade': - refreshonly => true, + # Common resources + case $::osfamily { + 'Debian': { + include ::apt + class { '::openstack_extras::repo::debian::ubuntu': + release => 'kilo', + package_require => true, + } + $package_provider = 'apt' + } + 'RedHat': { + class { '::openstack_extras::repo::redhat::redhat': + # Kilo is not GA yet, so let's use the testing repo + manage_rdo => false, + repo_hash => { + 'rdo-kilo-testing' => { + 'baseurl' => 'https://repos.fedorapeople.org/repos/openstack/openstack-kilo/testing/el7/', + # packages are not GA so not signed + 'gpgcheck' => '0', + 'priority' => 97, + }, + }, + } + $package_provider = 'yum' + } + default: { + fail("Unsupported osfamily (${::osfamily})") + } } - Apt::Source['trusty-updates-kilo'] -> Package<| |> class { '::mysql::server': } class { '::rabbitmq': delete_guest_user => true, erlang_cookie => 'secrete', + package_provider => $package_provider, } rabbitmq_vhost { '/': diff --git a/sahara/spec/acceptance/nodesets/nodepool-centos7.yml b/sahara/spec/acceptance/nodesets/nodepool-centos7.yml new file mode 100644 index 000000000..aed4f0b26 --- /dev/null +++ b/sahara/spec/acceptance/nodesets/nodepool-centos7.yml @@ -0,0 +1,9 @@ +HOSTS: + centos-70-x64: + roles: + - master + platform: el-7-x86_64 + hypervisor : none + ip: 127.0.0.1 +CONFIG: + type: foss diff --git a/swift/spec/acceptance/nodesets/nodepool.yml b/sahara/spec/acceptance/nodesets/nodepool-trusty.yml similarity index 100% rename from swift/spec/acceptance/nodesets/nodepool.yml rename to sahara/spec/acceptance/nodesets/nodepool-trusty.yml diff --git a/sahara/spec/spec_helper_acceptance.rb b/sahara/spec/spec_helper_acceptance.rb index 9b8fa47c2..495a9b8c0 100644 --- a/sahara/spec/spec_helper_acceptance.rb +++ b/sahara/spec/spec_helper_acceptance.rb @@ -26,16 +26,22 @@ shell('rm -fr /etc/puppet/modules/*') # install library modules from the forge + # pin apt module until openstack_extras use >= 2.0.0 version + on host, puppet('module','install','puppetlabs-apt','--version','1.8.0'), { :acceptable_exit_codes => 0 } + on host, puppet('module','install','puppetlabs-mysql'), { :acceptable_exit_codes => 0 } on host, puppet('module','install','dprince/qpid'), { :acceptable_exit_codes => 0 } on host, puppet('module','install','duritong/sysctl'), { :acceptable_exit_codes => 0 } on host, puppet('module','install','puppetlabs-inifile'), { :acceptable_exit_codes => 0 } on host, puppet('module','install','stahnma-epel'), { :acceptable_exit_codes => 0 } - on host, puppet('module','install','puppetlabs-rabbitmq'), { :acceptable_exit_codes => 0 } # install puppet modules from git, use master shell('git clone https://git.openstack.org/stackforge/puppet-openstacklib /etc/puppet/modules/openstacklib') + shell('git clone https://git.openstack.org/stackforge/puppet-openstack_extras /etc/puppet/modules/openstack_extras') shell('git clone https://git.openstack.org/stackforge/puppet-keystone /etc/puppet/modules/keystone') + # TODO(EmilienM) Cloning RabbitMQ module for now because we wait for a release including + # https://github.com/enovance/puppetlabs-rabbitmq/commit/0227f762070ffbbea3c28d6a60174de98fa4cc1c + shell('git clone https://github.com/puppetlabs/puppetlabs-rabbitmq/ /etc/puppet/modules/rabbitmq') # Install the module being tested puppet_module_install(:source => proj_root, :module_name => 'sahara') diff --git a/stdlib/.travis.yml b/stdlib/.travis.yml index 58e62d992..371586b97 100644 --- a/stdlib/.travis.yml +++ b/stdlib/.travis.yml @@ -14,5 +14,10 @@ matrix: env: PUPPET_GEM_VERSION="~> 3.0" - rvm: 2.1.5 env: PUPPET_GEM_VERSION="~> 3.0" FUTURE_PARSER="yes" + - rvm: 2.1.6 + env: PUPPET_GEM_VERSION="~> 4.0" STRICT_VARIABLES="yes" + allow_failures: + - rvm: 2.1.6 + env: PUPPET_GEM_VERSION="~> 4.0" STRICT_VARIABLES="yes" notifications: email: false diff --git a/stdlib/CHANGELOG.md b/stdlib/CHANGELOG.md index c17e7509a..eef04737b 100644 --- a/stdlib/CHANGELOG.md +++ b/stdlib/CHANGELOG.md @@ -12,7 +12,7 @@ Adds functions and function argument abilities, and improves compatibility with - `validate_absolute_path()` can now take an array - `validate_cmd()` can now use % in the command to embed the validation file argument in the string - MODULES-1473: deprecate `type()` function in favor of `type3x()` -- MODULES-1473: Add `type_of()` to give better time information on future parser +- MODULES-1473: Add `type_of()` to give better type information on future parser - Deprecate `private()` for `assert_private()` due to future parser - Adds `ceiling()` to take the ceiling of a number - Adds `fqdn_rand_string()` to generate random string based on fqdn diff --git a/stdlib/README.markdown b/stdlib/README.markdown index 38890882a..c140af447 100644 --- a/stdlib/README.markdown +++ b/stdlib/README.markdown @@ -16,8 +16,7 @@ Adds a standard library of resources for Puppet modules. ##Module Description -This module provides a standard library of resources for the development of Puppet -modules. Puppet modules make heavy use of this standard library. The stdlib module adds the following resources to Puppet: +This module provides a standard library of resources for the development of Puppet modules. Puppet modules make heavy use of this standard library. The stdlib module adds the following resources to Puppet: * Stages * Facts @@ -38,23 +37,11 @@ After you've installed stdlib, all of its functions, facts, and resources are av If you want to use a standardized set of run stages for Puppet, `include stdlib` in your manifest. -## Reference - -### Classes - -#### Public Classes - * `stdlib`: Most of stdlib's features are automatically loaded by Puppet. To use standardized run stages in Puppet, declare this class in your manifest with `include stdlib`. When declared, stdlib declares all other classes in the module. The only other class currently included in the module is `stdlib::stages`. - The stdlib class has no parameters. - -#### Private Classes - -* `stdlib::stages`: This class manages a standard set of run stages for Puppet. It is managed by the stdlib class and should not be declared independently. - - The `stdlib::stages` class declares various run stages for deploying infrastructure, language runtimes, and application layers. The high level stages are (in order): +The `stdlib::stages` class declares various run stages for deploying infrastructure, language runtimes, and application layers. The high level stages are (in order): * setup * main @@ -67,18 +54,31 @@ If you want to use a standardized set of run stages for Puppet, `include stdlib` Sample usage: - ``` + ~~~ node default { include stdlib class { java: stage => 'runtime' } } - ``` + ~~~ -### Resources +## Reference -* `file_line`: This resource ensures that a given line, including whitespace at the beginning and end, is contained within a file. If the line is not contained in the given file, Puppet will add the line. Multiple resources can be declared to manage multiple lines in the same file. You can also use match to replace existing lines. +### Classes + +#### Public Classes - ``` + The stdlib class has no parameters. + +#### Private Classes + +* `stdlib::stages`: Manages a standard set of run stages for Puppet. It is managed by the stdlib class and should not be declared independently. + +### Types + +#### `file_line` + Ensures that a given line, including whitespace at the beginning and end, is contained within a file. If the line is not contained in the given file, Puppet will add the line. Multiple resources can be declared to manage multiple lines in the same file. You can also use `match` to replace existing lines. + + ~~~ file_line { 'sudo_rule': path => '/etc/sudoers', line => '%sudo ALL=(ALL) ALL', @@ -87,31 +87,33 @@ If you want to use a standardized set of run stages for Puppet, `include stdlib` path => '/etc/sudoers', line => '%sudonopw ALL=(ALL) NOPASSWD: ALL', } - ``` + ~~~ + +##### Parameters +All parameters are optional, unless otherwise noted. + +* `after`: Specifies the line after which Puppet will add any new lines. (Existing lines are added in place.) Valid options: String. Default: Undefined. +* `ensure`: Ensures whether the resource is present. Valid options: 'present', 'absent'. Default: 'present'. +* `line`: **Required.** Sets the line to be added to the file located by the `path` parameter. Valid options: String. Default: Undefined. +* `match`: Specifies a regular expression to run against existing lines in the file; if a match is found, it is replaced rather than adding a new line. Valid options: String containing a regex. Default: Undefined. +* `multiple`: Determines if `match` and/or `after` can change multiple lines. If set to false, an exception will be raised if more than one line matches. Valid options: 'true', 'false'. Default: Undefined. +* `name`: Sets the name to use as the identity of the resource. This is necessary if you want the resource namevar to differ from the supplied `title` of the resource. Valid options: String. Default: Undefined. +* `path`: **Required.** Defines the file in which Puppet will ensure the line specified by `line`. Must be an absolute path to the file. - * `after`: Specify the line after which Puppet will add any new lines. (Existing lines are added in place.) Optional. - * `ensure`: Ensures whether the resource is present. Valid values are 'present', 'absent'. - * `line`: The line to be added to the file located by the `path` parameter. - * `match`: A regular expression to run against existing lines in the file; if a match is found, we replace that line rather than adding a new line. Optional. - * `multiple`: Determine if match can change multiple lines. Valid values are 'true', 'false'. Optional. - * `name`: An arbitrary name used as the identity of the resource. - * `path`: The file in which Puppet will ensure the line specified by the line parameter. ### Functions #### `abs` -Returns the absolute value of a number; for example, '-34.56' becomes '34.56'. Takes a single integer and float value as an argument. *Type*: rvalue +Returns the absolute value of a number; for example, '-34.56' becomes '34.56'. Takes a single integer and float value as an argument. *Type*: rvalue. #### `any2array` -This converts any object to an array containing that object. Empty argument lists are converted to an empty array. Arrays are left untouched. Hashes are converted to arrays of alternating keys and values. *Type*: rvalue +Converts any object to an array containing that object. Empty argument lists are converted to an empty array. Arrays are left untouched. Hashes are converted to arrays of alternating keys and values. *Type*: rvalue. #### `base64` -Converts a string to and from base64 encoding. -Requires an action ('encode', 'decode') and either a plain or base64-encoded -string. *Type*: rvalue +Converts a string to and from base64 encoding. Requires an action ('encode', 'decode') and either a plain or base64-encoded string. *Type*: rvalue. #### `basename` @@ -120,49 +122,47 @@ Returns the `basename` of a path (optionally stripping an extension). For exampl * ('relative/path/file.ext') returns 'file.ext' * ('/path/to/a/file.ext', '.ext') returns 'file' - *Type*: rvalue +*Type*: rvalue. #### `bool2num` Converts a boolean to a number. Converts values: * 'false', 'f', '0', 'n', and 'no' to 0. * 'true', 't', '1', 'y', and 'yes' to 1. - Requires a single boolean or string as an input. *Type*: rvalue + Requires a single boolean or string as an input. *Type*: rvalue. #### `capitalize` -Capitalizes the first letter of a string or array of strings. -Requires either a single string or an array as an input. *Type*: rvalue +Capitalizes the first letter of a string or array of strings. Requires either a single string or an array as an input. *Type*: rvalue. #### `ceiling` -Returns the smallest integer greater than or equal to the argument. -Takes a single numeric value as an argument. *Type*: rvalue +Returns the smallest integer greater than or equal to the argument. Takes a single numeric value as an argument. *Type*: rvalue. #### `chomp` -Removes the record separator from the end of a string or an array of -strings; for example, 'hello\n' becomes 'hello'. Requires a single string or array as an input. *Type*: rvalue +Removes the record separator from the end of a string or an array of strings; for example, 'hello\n' becomes 'hello'. Requires a single string or array as an input. *Type*: rvalue. #### `chop` -Returns a new string with the last character removed. If the string ends with '\r\n', both characters are removed. Applying `chop` to an empty string returns an empty string. If you want to merely remove record separators, then you should use the `chomp` function. Requires a string or an array of strings as input. *Type*: rvalue +Returns a new string with the last character removed. If the string ends with '\r\n', both characters are removed. Applying `chop` to an empty string returns an empty string. If you want to merely remove record separators, then you should use the `chomp` function. Requires a string or an array of strings as input. *Type*: rvalue. #### `concat` -Appends the contents of multiple arrays onto array 1. For example: - * `concat(['1','2','3'],'4')` results in: ['1','2','3','4']. - * `concat(['1','2','3'],'4',['5','6','7'])` results in: ['1','2','3','4','5','6','7']. +Appends the contents of multiple arrays onto the first array given. For example: + * `concat(['1','2','3'],'4')` returns ['1','2','3','4']. + * `concat(['1','2','3'],'4',['5','6','7'])` returns ['1','2','3','4','5','6','7']. + *Type*: rvalue. #### `count` -Takes an array as first argument and an optional second argument. Count the number of elements in array that matches second argument. If called with only an array, it counts the number of elements that are **not** nil/undef. *Type*: rvalue +If called with only an array, it counts the number of elements that are **not** nil/undef. If called with a second argument, counts the number of elements in an array that matches the second argument. *Type*: rvalue. #### `defined_with_params` Takes a resource reference and an optional hash of attributes. Returns 'true' if a resource with the specified attributes has already been added to the catalog. Returns 'false' otherwise. - ``` + ~~~ user { 'dan': ensure => present, } @@ -170,100 +170,96 @@ Takes a resource reference and an optional hash of attributes. Returns 'true' if if ! defined_with_params(User[dan], {'ensure' => 'present' }) { user { 'dan': ensure => present, } } - ``` + ~~~ - *Type*: rvalue +*Type*: rvalue. #### `delete` -Deletes all instances of a given element from an array, substring from a -string, or key from a hash. For example, `delete(['a','b','c','b'], 'b')` returns ['a','c']; `delete('abracadabra', 'bra')` returns 'acada'. `delete({'a' => 1,'b' => 2,'c' => 3},['b','c'])` returns {'a'=> 1} *Type*: rvalue +Deletes all instances of a given element from an array, substring from a string, or key from a hash. For example, `delete(['a','b','c','b'], 'b')` returns ['a','c']; `delete('abracadabra', 'bra')` returns 'acada'. `delete({'a' => 1,'b' => 2,'c' => 3},['b','c'])` returns {'a'=> 1}. *Type*: rvalue. #### `delete_at` -Deletes a determined indexed value from an array. For example, `delete_at(['a','b','c'], 1)` returns ['a','c']. *Type*: rvalue +Deletes a determined indexed value from an array. For example, `delete_at(['a','b','c'], 1)` returns ['a','c']. *Type*: rvalue. #### `delete_values` -Deletes all instances of a given value from a hash. For example, `delete_values({'a'=>'A','b'=>'B','c'=>'C','B'=>'D'}, 'B')` returns {'a'=>'A','c'=>'C','B'=>'D'} *Type*: rvalue +Deletes all instances of a given value from a hash. For example, `delete_values({'a'=>'A','b'=>'B','c'=>'C','B'=>'D'}, 'B')` returns {'a'=>'A','c'=>'C','B'=>'D'} *Type*: rvalue. #### `delete_undef_values` -Deletes all instances of the undef value from an array or hash. For example, `$hash = delete_undef_values({a=>'A', b=>'', c=>undef, d => false})` returns {a => 'A', b => '', d => false}. *Type*: rvalue +Deletes all instances of the undef value from an array or hash. For example, `$hash = delete_undef_values({a=>'A', b=>'', c=>undef, d => false})` returns {a => 'A', b => '', d => false}. *Type*: rvalue. #### `difference` -Returns the difference between two arrays. -The returned array is a copy of the original array, removing any items that -also appear in the second array. For example, `difference(["a","b","c"],["b","c","d"])` returns ["a"]. +Returns the difference between two arrays. The returned array is a copy of the original array, removing any items that also appear in the second array. For example, `difference(["a","b","c"],["b","c","d"])` returns ["a"]. *Type*: rvalue. #### `dirname` -Returns the `dirname` of a path. For example, `dirname('/path/to/a/file.ext')` returns '/path/to/a'. +Returns the `dirname` of a path. For example, `dirname('/path/to/a/file.ext')` returns '/path/to/a'. *Type*: rvalue. #### `downcase` -Converts the case of a string or of all strings in an array to lowercase. *Type*: rvalue +Converts the case of a string or of all strings in an array to lowercase. *Type*: rvalue. #### `empty` -Returns 'true' if the variable is empty. *Type*: rvalue +Returns 'true' if the variable is empty. *Type*: rvalue. #### `ensure_packages` -Takes a list of packages and only installs them if they don't already exist. It optionally takes a hash as a second parameter to be passed as the third argument to the `ensure_resource()` function. *Type*: statement +Takes a list of packages and only installs them if they don't already exist. It optionally takes a hash as a second parameter to be passed as the third argument to the `ensure_resource()` function. *Type*: statement. #### `ensure_resource` Takes a resource type, title, and a list of attributes that describe a resource. - ``` - user { 'dan': - ensure => present, - } - ``` +~~~ +user { 'dan': + ensure => present, +} +~~~ - This example only creates the resource if it does not already exist: +This example only creates the resource if it does not already exist: - `ensure_resource('user', 'dan', {'ensure' => 'present' })` + `ensure_resource('user', 'dan', {'ensure' => 'present' })` - If the resource already exists, but does not match the specified parameters, this function attempts to recreate the resource, leading to a duplicate resource definition error. +If the resource already exists, but does not match the specified parameters, this function attempts to recreate the resource, leading to a duplicate resource definition error. - An array of resources can also be passed in, and each will be created with the type and parameters specified if it doesn't already exist. +An array of resources can also be passed in, and each will be created with the type and parameters specified if it doesn't already exist. `ensure_resource('user', ['dan','alex'], {'ensure' => 'present'})` - *Type*: statement +*Type*: statement. #### `flatten` -This function flattens any deeply nested arrays and returns a single flat array as a result. For example, `flatten(['a', ['b', ['c']]])` returns ['a','b','c']. *Type*: rvalue +Flattens deeply nested arrays and returns a single flat array as a result. For example, `flatten(['a', ['b', ['c']]])` returns ['a','b','c']. *Type*: rvalue. #### `floor` -Returns the largest integer less than or equal to the argument. -Takes a single numeric value as an argument. *Type*: rvalue +Takes a single numeric value as an argument, and returns the largest integer less than or equal to the argument. *Type*: rvalue. #### `fqdn_rand_string` Generates a random alphanumeric string using an optionally-specified character set (default is alphanumeric), combining the `$fqdn` fact and an optional seed for repeatable randomness. *Usage:* -``` +~~~ fqdn_rand_string(LENGTH, [CHARSET], [SEED]) -``` +~~~ *Examples:* -``` +~~~ fqdn_rand_string(10) fqdn_rand_string(10, 'ABCDEF!@#$%^') fqdn_rand_string(10, '', 'custom seed') -``` +~~~ -*Type*: rvalue +*Type*: rvalue. #### `fqdn_rotate` -Rotates an array a random number of times based on a node's fqdn. *Type*: rvalue +Rotates an array a random number of times, based on a node's fqdn. *Type*: rvalue. #### `get_module_path` @@ -271,16 +267,15 @@ Returns the absolute path of the specified module for the current environment. `$module_path = get_module_path('stdlib')` - *Type*: rvalue +*Type*: rvalue. #### `getparam` -Takes a resource reference and the name of the parameter and -returns the value of the resource's parameter. For example, the following code returns 'param_value'. +Takes a resource reference and the name of the parameter, and returns the value of the resource's parameter. - *Example:* +For example, the following returns 'param_value': - ``` + ~~~ define example_resource($param) { } @@ -289,73 +284,73 @@ returns the value of the resource's parameter. For example, the following code r } getparam(Example_resource["example_resource_instance"], "param") - ``` + ~~~ - *Type*: rvalue +*Type*: rvalue. #### `getvar` -Lookup a variable in a remote namespace. +Looks up a variable in a remote namespace. - For example: +For example: - ``` + ~~~ $foo = getvar('site::data::foo') # Equivalent to $foo = $site::data::foo - ``` + ~~~ - This is useful if the namespace itself is stored in a string: +This is useful if the namespace itself is stored in a string: - ``` + ~~~ $datalocation = 'site::data' $bar = getvar("${datalocation}::bar") # Equivalent to $bar = $site::data::bar - ``` + ~~~ - *Type*: rvalue +*Type*: rvalue. #### `grep` -This function searches through an array and returns any elements that match the provided regular expression. For example, `grep(['aaa','bbb','ccc','aaaddd'], 'aaa')` returns ['aaa','aaaddd']. *Type*: rvalue +Searches through an array and returns any elements that match the provided regular expression. For example, `grep(['aaa','bbb','ccc','aaaddd'], 'aaa')` returns ['aaa','aaaddd']. *Type*: rvalue. #### `has_interface_with` -Returns boolean based on kind and value: +Returns a boolean based on kind and value: * macaddress * netmask * ipaddress * network - *Examples:* +*Examples:* - ``` + ~~~ has_interface_with("macaddress", "x:x:x:x:x:x") has_interface_with("ipaddress", "127.0.0.1") => true - ``` + ~~~ - If no kind is given, then the presence of the interface is checked: +If no kind is given, then the presence of the interface is checked: - ``` + ~~~ has_interface_with("lo") => true - ``` + ~~~ - *Type*: rvalue +*Type*: rvalue. #### `has_ip_address` -Returns true if the client has the requested IP address on some interface. This function iterates through the `interfaces` fact and checks the `ipaddress_IFACE` facts, performing a simple string comparison. *Type*: rvalue +Returns 'true' if the client has the requested IP address on some interface. This function iterates through the `interfaces` fact and checks the `ipaddress_IFACE` facts, performing a simple string comparison. *Type*: rvalue. #### `has_ip_network` -Returns true if the client has an IP address within the requested network. This function iterates through the 'interfaces' fact and checks the 'network_IFACE' facts, performing a simple string comparision. *Type*: rvalue +Returns 'true' if the client has an IP address within the requested network. This function iterates through the `interfaces` fact and checks the `network_IFACE` facts, performing a simple string comparision. *Type*: rvalue. #### `has_key` -Determine if a hash has a certain key value. +Determines if a hash has a certain key value. - *Example*: +*Example*: - ``` + ~~~ $my_hash = {'key_one' => 'value_one'} if has_key($my_hash, 'key_two') { notice('we will not reach here') @@ -363,159 +358,166 @@ Determine if a hash has a certain key value. if has_key($my_hash, 'key_one') { notice('this will be printed') } - ``` + ~~~ - *Type*: rvalue +*Type*: rvalue. #### `hash` -This function converts an array into a hash. For example, `hash(['a',1,'b',2,'c',3])` returns {'a'=>1,'b'=>2,'c'=>3}. *Type*: rvalue +Converts an array into a hash. For example, `hash(['a',1,'b',2,'c',3])` returns {'a'=>1,'b'=>2,'c'=>3}. *Type*: rvalue. #### `intersection` -This function returns an array an intersection of two. For example, `intersection(["a","b","c"],["b","c","d"])` returns ["b","c"]. +Returns an array an intersection of two. For example, `intersection(["a","b","c"],["b","c","d"])` returns ["b","c"]. *Type*: rvalue. #### `is_array` -Returns 'true' if the variable passed to this function is an array. *Type*: rvalue +Returns 'true' if the variable passed to this function is an array. *Type*: rvalue. #### `is_bool` -Returns 'true' if the variable passed to this function is a boolean. *Type*: rvalue +Returns 'true' if the variable passed to this function is a boolean. *Type*: rvalue. #### `is_domain_name` -Returns 'true' if the string passed to this function is a syntactically correct domain name. *Type*: rvalue +Returns 'true' if the string passed to this function is a syntactically correct domain name. *Type*: rvalue. #### `is_float` -Returns 'true' if the variable passed to this function is a float. *Type*: rvalue +Returns 'true' if the variable passed to this function is a float. *Type*: rvalue. #### `is_function_available` -This function accepts a string as an argument and determines whether the Puppet runtime has access to a function by that name. It returns 'true' if the function exists, 'false' if not. *Type*: rvalue +Accepts a string as an argument and determines whether the Puppet runtime has access to a function by that name. It returns 'true' if the function exists, 'false' if not. *Type*: rvalue. #### `is_hash` -Returns 'true' if the variable passed to this function is a hash. *Type*: rvalue +Returns 'true' if the variable passed to this function is a hash. *Type*: rvalue. #### `is_integer` -Returns 'true' if the variable returned to this string is an integer. *Type*: rvalue +Returns 'true' if the variable returned to this string is an integer. *Type*: rvalue. #### `is_ip_address` -Returns 'true' if the string passed to this function is a valid IP address. *Type*: rvalue +Returns 'true' if the string passed to this function is a valid IP address. *Type*: rvalue. #### `is_mac_address` -Returns 'true' if the string passed to this function is a valid MAC address. *Type*: rvalue +Returns 'true' if the string passed to this function is a valid MAC address. *Type*: rvalue. #### `is_numeric` -Returns 'true' if the variable passed to this function is a number. *Type*: rvalue +Returns 'true' if the variable passed to this function is a number. *Type*: rvalue. #### `is_string` -Returns 'true' if the variable passed to this function is a string. *Type*: rvalue +Returns 'true' if the variable passed to this function is a string. *Type*: rvalue. #### `join` -This function joins an array into a string using a separator. For example, `join(['a','b','c'], ",")` results in: "a,b,c". *Type*: rvalue +Joins an array into a string using a separator. For example, `join(['a','b','c'], ",")` results in: "a,b,c". *Type*: rvalue. #### `join_keys_to_values` -This function joins each key of a hash to that key's corresponding value with a separator. Keys and values are cast to strings. The return value is an array in which each element is one joined key/value pair. For example, `join_keys_to_values({'a'=>1,'b'=>2}, " is ")` results in ["a is 1","b is 2"]. *Type*: rvalue +Joins each key of a hash to that key's corresponding value with a separator. Keys and values are cast to strings. The return value is an array in which each element is one joined key/value pair. For example, `join_keys_to_values({'a'=>1,'b'=>2}, " is ")` results in ["a is 1","b is 2"]. *Type*: rvalue. #### `keys` -Returns the keys of a hash as an array. *Type*: rvalue +Returns the keys of a hash as an array. *Type*: rvalue. #### `loadyaml` -Load a YAML file containing an array, string, or hash, and return the data in the corresponding native data type. For example: +Loads a YAML file containing an array, string, or hash, and returns the data in the corresponding native data type. For example: - ``` + ~~~ $myhash = loadyaml('/etc/puppet/data/myhash.yaml') - ``` + ~~~ - *Type*: rvalue +*Type*: rvalue. #### `lstrip` -Strips leading spaces to the left of a string. *Type*: rvalue +Strips spaces to the left of a string. *Type*: rvalue. #### `max` -Returns the highest value of all arguments. Requires at least one argument. *Type*: rvalue +Returns the highest value of all arguments. Requires at least one argument. *Type*: rvalue. #### `member` -This function determines if a variable is a member of an array. The variable can be either a string, array, or fixnum. For example, `member(['a','b'], 'b')` and `member(['a','b','c'], ['b','c'])` return 'true', while `member(['a','b'], 'c')` and `member(['a','b','c'], ['c','d'])` return 'false'. *Type*: rvalue +This function determines if a variable is a member of an array. The variable can be either a string, array, or fixnum. For example, `member(['a','b'], 'b')` and `member(['a','b','c'], ['b','c'])` return 'true', while `member(['a','b'], 'c')` and `member(['a','b','c'], ['c','d'])` return 'false'. *Note*: This function does not support nested arrays. If the first argument contains nested arrays, it will not recurse through them. + +*Type*: rvalue. #### `merge` Merges two or more hashes together and returns the resulting hash. - *Example*: +*Example*: - ``` + ~~~ $hash1 = {'one' => 1, 'two' => 2} $hash2 = {'two' => 'dos', 'three' => 'tres'} $merged_hash = merge($hash1, $hash2) # The resulting hash is equivalent to: # $merged_hash = {'one' => 1, 'two' => 'dos', 'three' => 'tres'} - ``` + ~~~ - When there is a duplicate key, the key in the rightmost hash "wins." *Type*: rvalue +When there is a duplicate key, the key in the rightmost hash "wins." *Type*: rvalue. #### `min` -Returns the lowest value of all arguments. Requires at least one argument. *Type*: rvalue +Returns the lowest value of all arguments. Requires at least one argument. *Type*: rvalue. #### `num2bool` -This function converts a number or a string representation of a number into a true boolean. Zero or anything non-numeric becomes 'false'. Numbers greater than 0 become 'true'. *Type*: rvalue +Converts a number or a string representation of a number into a true boolean. Zero or anything non-numeric becomes 'false'. Numbers greater than 0 become 'true'. *Type*: rvalue. #### `parsejson` -This function accepts JSON as a string and converts into the correct Puppet structure. *Type*: rvalue +Converts a string of JSON into the correct Puppet structure. *Type*: rvalue. #### `parseyaml` -This function accepts YAML as a string and converts it into the correct Puppet structure. *Type*: rvalue +Converts a string of YAML into the correct Puppet structure. *Type*: rvalue. #### `pick` From a list of values, returns the first value that is not undefined or an empty string. Takes any number of arguments, and raises an error if all values are undefined or empty. - ``` + ~~~ $real_jenkins_version = pick($::jenkins_version, '1.449') - ``` + ~~~ - *Type*: rvalue +*Type*: rvalue. #### `prefix` -This function applies a prefix to all elements in an array or to the keys in a hash. For example, `prefix(['a','b','c'], 'p')` returns ['pa','pb','pc'], and `prefix({'a'=>'b','b'=>'c','c'=>'d'}, 'p')` returns {'pa'=>'b','pb'=>'c','pc'=>'d'}. *Type*: rvalue +Applies a prefix to all elements in an array, or to the keys in a hash. +For example: +* `prefix(['a','b','c'], 'p')` returns ['pa','pb','pc'] +* `prefix({'a'=>'b','b'=>'c','c'=>'d'}, 'p')` returns {'pa'=>'b','pb'=>'c','pc'=>'d'}. +*Type*: rvalue. #### `assert_private` -This function sets the current class or definition as private. -Calling the class or definition from outside the current module will fail. For example, `assert_private()` called in class `foo::bar` outputs the following message if class is called from outside module `foo`: +Sets the current class or definition as private. Calling the class or definition from outside the current module will fail. - ``` +For example, `assert_private()` called in class `foo::bar` outputs the following message if class is called from outside module `foo`: + + ~~~ Class foo::bar is private - ``` + ~~~ - You can specify the error message you want to use: + To specify the error message you want to use: - ``` + ~~~ assert_private("You're not supposed to do that!") - ``` + ~~~ - *Type*: statement +*Type*: statement. #### `pw_hash` @@ -533,65 +535,65 @@ The second argument to this function is which type of hash to use. It will be co The third argument to this function is the salt to use. -Note: this uses the Puppet Master's implementation of crypt(3). If your environment contains several different operating systems, ensure that they are compatible before using this function. +**Note:** this uses the Puppet master's implementation of crypt(3). If your environment contains several different operating systems, ensure that they are compatible before using this function. #### `range` -When given range in the form of '(start, stop)', `range` extrapolates a range as an array. For example, `range("0", "9")` returns [0,1,2,3,4,5,6,7,8,9]. Zero-padded strings are converted to integers automatically, so `range("00", "09")` returns [0,1,2,3,4,5,6,7,8,9]. +Extrapolates a range as an array when given in the form of '(start, stop)'. For example, `range("0", "9")` returns [0,1,2,3,4,5,6,7,8,9]. Zero-padded strings are converted to integers automatically, so `range("00", "09")` returns [0,1,2,3,4,5,6,7,8,9]. - Non-integer strings are accepted; `range("a", "c")` returns ["a","b","c"], and `range("host01", "host10")` returns ["host01", "host02", ..., "host09", "host10"]. +Non-integer strings are accepted; `range("a", "c")` returns ["a","b","c"], and `range("host01", "host10")` returns ["host01", "host02", ..., "host09", "host10"]. - Passing a third argument will cause the generated range to step by that interval, e.g. `range("0", "9", "2")` returns ["0","2","4","6","8"] +Passing a third argument will cause the generated range to step by that interval, e.g. `range("0", "9", "2")` returns ["0","2","4","6","8"]. - *Type*: rvalue +*Type*: rvalue. #### `reject` -This function searches through an array and rejects all elements that match the provided regular expression. For example, `reject(['aaa','bbb','ccc','aaaddd'], 'aaa')` returns ['bbb','ccc']. *Type*: rvalue +Searches through an array and rejects all elements that match the provided regular expression. For example, `reject(['aaa','bbb','ccc','aaaddd'], 'aaa')` returns ['bbb','ccc']. *Type*: rvalue. #### `reverse` -Reverses the order of a string or array. *Type*: rvalue +Reverses the order of a string or array. *Type*: rvalue. #### `rstrip` -Strips leading spaces to the right of the string.*Type*: rvalue +Strips spaces to the right of the string. *Type*: rvalue. #### `shuffle` -Randomizes the order of a string or array elements. *Type*: rvalue +Randomizes the order of a string or array elements. *Type*: rvalue. #### `size` -Returns the number of elements in a string or array. *Type*: rvalue +Returns the number of elements in a string or an array. *Type*: rvalue. #### `sort` -Sorts strings and arrays lexically. *Type*: rvalue +Sorts strings and arrays lexically. *Type*: rvalue. #### `squeeze` -Returns a new string where runs of the same character that occur in this set are replaced by a single character. *Type*: rvalue +Returns a new string where runs of the same character that occur in this set are replaced by a single character. *Type*: rvalue. #### `str2bool` -This converts a string to a boolean. This attempts to convert strings that contain values such as '1', 't', 'y', and 'yes' to 'true' and strings that contain values such as '0', 'f', 'n', and 'no' to 'false'. *Type*: rvalue +Converts a string to a boolean. This attempts to convert strings that contain values such as '1', 't', 'y', and 'yes' to 'true' and strings that contain values such as '0', 'f', 'n', and 'no' to 'false'. *Type*: rvalue. #### `str2saltedsha512` -This converts a string to a salted-SHA512 password hash, used for OS X versions >= 10.7. Given any string, this function returns a hex version of a salted-SHA512 password hash, which can be inserted into your Puppet -manifests as a valid password attribute. *Type*: rvalue +Converts a string to a salted-SHA512 password hash, used for OS X versions >= 10.7. Given any string, this function returns a hex version of a salted-SHA512 password hash, which can be inserted into your Puppet +manifests as a valid password attribute. *Type*: rvalue. #### `strftime` -This function returns formatted time. For example, `strftime("%s")` returns the time since epoch, and `strftime("%Y=%m-%d")` returns the date. *Type*: rvalue +Returns formatted time. For example, `strftime("%s")` returns the time since Unix epoch, and `strftime("%Y-%m-%d")` returns the date. *Type*: rvalue. *Format:* * `%a`: The abbreviated weekday name ('Sun') - * `%A`: The full weekday name ('Sunday') + * `%A`: The full weekday name ('Sunday') * `%b`: The abbreviated month name ('Jan') - * `%B`: The full month name ('January') + * `%B`: The full month name ('January') * `%c`: The preferred local date and time representation * `%C`: Century (20 in 2009) * `%d`: Day of the month (01..31) @@ -612,227 +614,220 @@ This function returns formatted time. For example, `strftime("%s")` returns the * `%3N`: Millisecond (3 digits) * `%6N`: Microsecond (6 digits) * `%9N`: Nanosecond (9 digits) - * `%p`: Meridian indicator ('AM' or 'PM') - * `%P`: Meridian indicator ('am' or 'pm') + * `%p`: Meridian indicator ('AM' or 'PM') + * `%P`: Meridian indicator ('am' or 'pm') * `%r`: Time, 12-hour (same as %I:%M:%S %p) * `%R`: Time, 24-hour (%H:%M) - * `%s`: Number of seconds since 1970-01-01 00:00:00 UTC. + * `%s`: Number of seconds since the Unix epoch, 1970-01-01 00:00:00 UTC. * `%S`: Second of the minute (00..60) * `%t`: Tab character ( ) * `%T`: Time, 24-hour (%H:%M:%S) * `%u`: Day of the week as a decimal, Monday being 1. (1..7) - * `%U`: Week number of the current year, starting with the first Sunday as the first day of the first week (00..53) + * `%U`: Week number of the current year, starting with the first Sunday as the first day of the first week (00..53) * `%v`: VMS date (%e-%b-%Y) * `%V`: Week number of year according to ISO 8601 (01..53) - * `%W`: Week number of the current year, starting with the first Monday as the first day of the first week (00..53) + * `%W`: Week number of the current year, starting with the first Monday as the first day of the first week (00..53) * `%w`: Day of the week (Sunday is 0, 0..6) * `%x`: Preferred representation for the date alone, no time * `%X`: Preferred representation for the time alone, no date * `%y`: Year without a century (00..99) * `%Y`: Year with century - * `%z`: Time zone as hour offset from UTC (e.g. +0900) + * `%z`: Time zone as hour offset from UTC (e.g. +0900) * `%Z`: Time zone name * `%%`: Literal '%' character #### `strip` -This function removes leading and trailing whitespace from a string or from every string inside an array. For example, `strip(" aaa ")` results in "aaa". *Type*: rvalue +Removes leading and trailing whitespace from a string or from every string inside an array. For example, `strip(" aaa ")` results in "aaa". *Type*: rvalue. #### `suffix` -This function applies a suffix to all elements in an array. For example, `suffix(['a','b','c'], 'p')` returns ['ap','bp','cp']. *Type*: rvalue +Applies a suffix to all elements in an array. For example, `suffix(['a','b','c'], 'p')` returns ['ap','bp','cp']. *Type*: rvalue. #### `swapcase` -This function swaps the existing case of a string. For example, `swapcase("aBcD")` results in "AbCd". *Type*: rvalue +Swaps the existing case of a string. For example, `swapcase("aBcD")` results in "AbCd". *Type*: rvalue. #### `time` -This function returns the current time since epoch as an integer. For example, `time()` returns something like '1311972653'. *Type*: rvalue +Returns the current Unix epoch time as an integer. For example, `time()` returns something like '1311972653'. *Type*: rvalue. #### `to_bytes` -Converts the argument into bytes, for example 4 kB becomes 4096. -Takes a single string value as an argument. *Type*: rvalue +Converts the argument into bytes, for example "4 kB" becomes "4096". Takes a single string value as an argument. *Type*: rvalue. #### `type3x` -Returns a string description of the type when passed a value. Type can be a string, array, hash, float, integer, or boolean. This function will be removed when puppet 3 support is dropped and the new type system may be used. *Type*: rvalue +Returns a string description of the type when passed a value. Type can be a string, array, hash, float, integer, or boolean. This function will be removed when Puppet 3 support is dropped and the new type system can be used. *Type*: rvalue. #### `type_of` -Returns the literal type when passed a value. Requires the new - parser. Useful for comparison of types with `<=` such as in `if - type_of($some_value) <= Array[String] { ... }` (which is equivalent to `if - $some_value =~ Array[String] { ... }`) *Type*: rvalue +Returns the literal type when passed a value. Requires the new parser. Useful for comparison of types with `<=` such as in `if type_of($some_value) <= Array[String] { ... }` (which is equivalent to `if $some_value =~ Array[String] { ... }`) *Type*: rvalue. #### `union` -This function returns a union of two arrays. For example, `union(["a","b","c"],["b","c","d"])` returns ["a","b","c","d"]. +Returns a union of two arrays, without duplicates. For example, `union(["a","b","c"],["b","c","d"])` returns ["a","b","c","d"]. #### `unique` -This function removes duplicates from strings and arrays. For example, `unique("aabbcc")` returns 'abc'. - -You can also use this with arrays. For example, `unique(["a","a","b","b","c","c"])` returns ["a","b","c"]. *Type*: rvalue +Removes duplicates from strings and arrays. For example, `unique("aabbcc")` returns 'abc', and `unique(["a","a","b","b","c","c"])` returns ["a","b","c"]. *Type*: rvalue. #### `upcase` -Converts an object, array or hash of objects that respond to upcase to uppercase. For example, `upcase("abcd")` returns 'ABCD'. *Type*: rvalue +Converts an object, array or hash of objects that respond to upcase to uppercase. For example, `upcase('abcd')` returns 'ABCD'. *Type*: rvalue. #### `uriescape` -Urlencodes a string or array of strings. Requires either a single string or an array as an input. *Type*: rvalue +URLEncodes a string or array of strings. Requires either a single string or an array as an input. *Type*: rvalue. #### `validate_absolute_path` -Validate the string represents an absolute path in the filesystem. This function works for Windows and Unix style paths. +Validates that a given string represents an absolute path in the filesystem. Works for Windows and Unix style paths. - The following values will pass: +The following values pass: - ``` - $my_path = 'C:/Program Files (x86)/Puppet Labs/Puppet' - validate_absolute_path($my_path) - $my_path2 = '/var/lib/puppet' - validate_absolute_path($my_path2) - $my_path3 = ['C:/Program Files (x86)/Puppet Labs/Puppet','C:/Program Files/Puppet Labs/Puppet'] - validate_absolute_path($my_path3) - $my_path4 = ['/var/lib/puppet','/usr/share/puppet'] - validate_absolute_path($my_path4) - ``` +~~~ +$my_path = 'C:/Program Files (x86)/Puppet Labs/Puppet' +validate_absolute_path($my_path) +$my_path2 = '/var/lib/puppet' +validate_absolute_path($my_path2) +$my_path3 = ['C:/Program Files (x86)/Puppet Labs/Puppet','C:/Program Files/Puppet Labs/Puppet'] +validate_absolute_path($my_path3) +$my_path4 = ['/var/lib/puppet','/usr/share/puppet'] +validate_absolute_path($my_path4) +~~~ - The following values will fail, causing compilation to abort: +The following values fail, causing compilation to abort: - ``` - validate_absolute_path(true) - validate_absolute_path('../var/lib/puppet') - validate_absolute_path('var/lib/puppet') - validate_absolute_path([ 'var/lib/puppet', '/var/foo' ]) - validate_absolute_path([ '/var/lib/puppet', 'var/foo' ]) - $undefined = undef - validate_absolute_path($undefined) - ``` +~~~ +validate_absolute_path(true) +validate_absolute_path('../var/lib/puppet') +validate_absolute_path('var/lib/puppet') +validate_absolute_path([ 'var/lib/puppet', '/var/foo' ]) +validate_absolute_path([ '/var/lib/puppet', 'var/foo' ]) +$undefined = undef +validate_absolute_path($undefined) +~~~ - *Type*: statement +*Type*: statement. #### `validate_array` -Validate that all passed values are array data structures. Abort catalog compilation if any value fails this check. +Validates that all passed values are array data structures. Aborts catalog compilation if any value fails this check. - The following values will pass: +The following values pass: - ``` - $my_array = [ 'one', 'two' ] - validate_array($my_array) - ``` +~~~ +$my_array = [ 'one', 'two' ] +validate_array($my_array) +~~~ - The following values will fail, causing compilation to abort: +The following values fail, causing compilation to abort: - ``` - validate_array(true) - validate_array('some_string') - $undefined = undef - validate_array($undefined) - ``` +~~~ +validate_array(true) +validate_array('some_string') +$undefined = undef +validate_array($undefined) +~~~ - *Type*: statement +*Type*: statement. #### `validate_augeas` -Performs validation of a string using an Augeas lens. -The first argument of this function should be the string to test, and the second argument should be the name of the Augeas lens to use. If Augeas fails to parse the string with the lens, the compilation aborts with a parse error. +Performs validation of a string using an Augeas lens. The first argument of this function should be the string to test, and the second argument should be the name of the Augeas lens to use. If Augeas fails to parse the string with the lens, the compilation aborts with a parse error. - A third optional argument lists paths which should **not** be found in the file. The `$file` variable points to the location of the temporary file being tested in the Augeas tree. +A third optional argument lists paths which should **not** be found in the file. The `$file` variable points to the location of the temporary file being tested in the Augeas tree. - For example, to make sure your passwd content never contains user `foo`: +For example, to make sure your $passwdcontent never contains user `foo`: - ``` - validate_augeas($passwdcontent, 'Passwd.lns', ['$file/foo']) - ``` +~~~ +validate_augeas($passwdcontent, 'Passwd.lns', ['$file/foo']) +~~~ - To ensure that no users use the '/bin/barsh' shell: +To ensure that no users use the '/bin/barsh' shell: - ``` - validate_augeas($passwdcontent, 'Passwd.lns', ['$file/*[shell="/bin/barsh"]'] - ``` +~~~ +validate_augeas($passwdcontent, 'Passwd.lns', ['$file/*[shell="/bin/barsh"]'] +~~~ - You can pass a fourth argument as the error message raised and shown to the user: +You can pass a fourth argument as the error message raised and shown to the user: - ``` - validate_augeas($sudoerscontent, 'Sudoers.lns', [], 'Failed to validate sudoers content with Augeas') - ``` +~~~ +validate_augeas($sudoerscontent, 'Sudoers.lns', [], 'Failed to validate sudoers content with Augeas') +~~~ - *Type*: statement +*Type*: statement. #### `validate_bool` -Validate that all passed values are either true or false. Abort catalog compilation if any value fails this check. +Validates that all passed values are either true or false. Aborts catalog compilation if any value fails this check. - The following values will pass: +The following values will pass: - ``` - $iamtrue = true - validate_bool(true) - validate_bool(true, true, false, $iamtrue) - ``` +~~~ +$iamtrue = true +validate_bool(true) +validate_bool(true, true, false, $iamtrue) +~~~ - The following values will fail, causing compilation to abort: +The following values will fail, causing compilation to abort: - ``` - $some_array = [ true ] - validate_bool("false") - validate_bool("true") - validate_bool($some_array) - ``` +~~~ +$some_array = [ true ] +validate_bool("false") +validate_bool("true") +validate_bool($some_array) +~~~ - *Type*: statement +*Type*: statement. #### `validate_cmd` -Performs validation of a string with an external command. The first argument of this function should be a string to test, and the second argument should be a path to a test command taking a % as a placeholder for the file path (will default to the end of the command if no % placeholder given). If the command, launched against a tempfile containing the passed string, returns a non-null value, compilation will abort with a parse error. +Performs validation of a string with an external command. The first argument of this function should be a string to test, and the second argument should be a path to a test command taking a % as a placeholder for the file path (will default to the end of the command if no % placeholder given). If the command is launched against a tempfile containing the passed string, or returns a non-null value, compilation will abort with a parse error. If a third argument is specified, this will be the error message raised and seen by the user. - ``` - # Defaults to end of path - validate_cmd($sudoerscontent, '/usr/sbin/visudo -c -f', 'Visudo failed to validate sudoers content') - ``` - ``` - # % as file location - validate_cmd($haproxycontent, '/usr/sbin/haproxy -f % -c', 'Haproxy failed to validate config content') - ``` +~~~ +# Defaults to end of path +validate_cmd($sudoerscontent, '/usr/sbin/visudo -c -f', 'Visudo failed to validate sudoers content') +~~~ +~~~ +# % as file location +validate_cmd($haproxycontent, '/usr/sbin/haproxy -f % -c', 'Haproxy failed to validate config content') +~~~ - *Type*: statement +*Type*: statement. #### `validate_hash` -Validates that all passed values are hash data structures. Abort catalog compilation if any value fails this check. +Validates that all passed values are hash data structures. Aborts catalog compilation if any value fails this check. The following values will pass: - ``` + ~~~ $my_hash = { 'one' => 'two' } validate_hash($my_hash) - ``` + ~~~ The following values will fail, causing compilation to abort: - ``` + ~~~ validate_hash(true) validate_hash('some_string') $undefined = undef validate_hash($undefined) - ``` + ~~~ - *Type*: statement +*Type*: statement. #### `validate_integer` -Validate that the first argument is an integer (or an array of integers). Abort catalog compilation if any of the checks fail. - +Validates that the first argument is an integer (or an array of integers). Aborts catalog compilation if any of the checks fail. + The second argument is optional and passes a maximum. (All elements of) the first argument has to be less or equal to this max. - The third argument is optional and passes a minimum. (All elements of) the first argument has to be greater or equal to this min. + The third argument is optional and passes a minimum. (All elements of) the first argument has to be greater or equal to this min. If, and only if, a minimum is given, the second argument may be an empty string or undef, which will be handled to just check if (all elements of) the first argument are greater or equal to the given minimum. @@ -840,7 +835,7 @@ Validate that the first argument is an integer (or an array of integers). Abort The following values will pass: - ``` + ~~~ validate_integer(1) validate_integer(1, 2) validate_integer(1, 1) @@ -852,14 +847,14 @@ Validate that the first argument is an integer (or an array of integers). Abort validate_integer(2, $foo, 0) validate_integer([1,2,3,4,5], 6) validate_integer([1,2,3,4,5], 6, 0) - ``` + ~~~ * Plus all of the above, but any combination of values passed as strings ('1' or "1"). * Plus all of the above, but with (correct) combinations of negative integer values. The following values will fail, causing compilation to abort: - ``` + ~~~ validate_integer(true) validate_integer(false) validate_integer(7.0) @@ -876,21 +871,21 @@ Validate that the first argument is an integer (or an array of integers). Abort validate_integer(1, 2, 3) validate_integer(1, 3, 2) validate_integer(1, 3, true) - ``` + ~~~ * Plus all of the above, but any combination of values passed as strings ('false' or "false"). * Plus all of the above, but with incorrect combinations of negative integer values. * Plus all of the above, but with non-integer crap in arrays or maximum / minimum argument. - *Type*: statement + *Type*: statement. #### `validate_numeric` -Validate that the first argument is a numeric value (or an array of numeric values). Abort catalog compilation if any of the checks fail. +Validates that the first argument is a numeric value (or an array of numeric values). Aborts catalog compilation if any of the checks fail. The second argument is optional and passes a maximum. (All elements of) the first argument has to be less or equal to this max. - The third argument is optional and passes a minimum. (All elements of) the first argument has to be greater or equal to this min. + The third argument is optional and passes a minimum. (All elements of) the first argument has to be greater or equal to this min. If, and only if, a minimum is given, the second argument may be an empty string or undef, which will be handled to just check if (all elements of) the first argument are greater or equal to the given minimum. @@ -898,37 +893,35 @@ Validate that the first argument is a numeric value (or an array of numeric valu For passing and failing usage, see `validate_integer()`. It is all the same for validate_numeric, yet now floating point values are allowed, too. - *Type*: statement +*Type*: statement. #### `validate_re` Performs simple validation of a string against one or more regular expressions. The first argument of this function should be the string to -test, and the second argument should be a stringified regular expression -(without the // delimiters) or an array of regular expressions. If none -of the regular expressions match the string passed in, compilation aborts with a parse error. +test, and the second argument should be a stringified regular expression (without the // delimiters) or an array of regular expressions. If none of the regular expressions match the string passed in, compilation aborts with a parse error. You can pass a third argument as the error message raised and shown to the user. The following strings validate against the regular expressions: - ``` + ~~~ validate_re('one', '^one$') validate_re('one', [ '^one', '^two' ]) - ``` + ~~~ The following string fails to validate, causing compilation to abort: - ``` + ~~~ validate_re('one', [ '^two', '^three' ]) - ``` + ~~~ To set the error message: - ``` + ~~~ validate_re($::puppetversion, '^2.7', 'The $puppetversion fact value does not match 2.7') - ``` + ~~~ - *Type*: statement +*Type*: statement. #### `validate_slength` @@ -936,64 +929,59 @@ Validates that the first argument is a string (or an array of strings), and is l The following values pass: - ``` + ~~~ validate_slength("discombobulate",17) validate_slength(["discombobulate","moo"],17) - ``` + ~~~ The following values fail: - ``` + ~~~ validate_slength("discombobulate",1) validate_slength(["discombobulate","thermometer"],5) - ``` + ~~~ - *Type*: statement +*Type*: statement. #### `validate_string` Validates that all passed values are string data structures. Aborts catalog compilation if any value fails this check. - The following values pass: +The following values pass: - ``` + ~~~ $my_string = "one two" validate_string($my_string, 'three') - ``` + ~~~ The following values fail, causing compilation to abort: - ``` + ~~~ validate_string(true) validate_string([ 'some', 'array' ]) - $undefined = undef - validate_string($undefined) - ``` + ~~~ - *Type*: statement +*Note:* validate_string(undef) will not fail in this version of the functions API (incl. current and future parser). -#### `values` +Instead, use: -When given a hash, this function returns the values of that hash. + ~~~ + if $var == undef { + fail('...') + } + ~~~ - *Examples:* +*Type*: statement. - ``` - $hash = { - 'a' => 1, - 'b' => 2, - 'c' => 3, - } - values($hash) - ``` +#### `values` - The example above returns [1,2,3]. +Returns the values of a given hash. For example, given `$hash = {'a'=1, 'b'=2, 'c'=3} values($hash)` returns [1,2,3]. - *Type*: rvalue +*Type*: rvalue. #### `values_at` -Finds value inside an array based on location. The first argument is the array you want to analyze, and the second element can be a combination of: +Finds values inside an array based on location. The first argument is the array you want to analyze, and the second argument can be a combination of: * A single numeric index * A range in the form of 'start-stop' (eg. 4-9) @@ -1001,15 +989,15 @@ Finds value inside an array based on location. The first argument is the array y For example, `values_at(['a','b','c'], 2)` returns ['c']; `values_at(['a','b','c'], ["0-1"])` returns ['a','b']; and `values_at(['a','b','c','d','e'], [0, "2-3"])` returns ['a','c','d']. - *Type*: rvalue +*Type*: rvalue. #### `zip` -Takes one element from first array and merges corresponding elements from second array. This generates a sequence of n-element arrays, where n is one more than the count of arguments. For example, `zip(['1','2','3'],['4','5','6'])` results in ["1", "4"], ["2", "5"], ["3", "6"]. *Type*: rvalue +Takes one element from first array given and merges corresponding elements from second array given. This generates a sequence of n-element arrays, where *n* is one more than the count of arguments. For example, `zip(['1','2','3'],['4','5','6'])` results in ["1", "4"], ["2", "5"], ["3", "6"]. *Type*: rvalue. ##Limitations -As of Puppet Enterprise version 3.7, the stdlib module is no longer included in PE. PE users should install the most recent release of stdlib for compatibility with Puppet modules. +As of Puppet Enterprise 3.7, the stdlib module is no longer included in PE. PE users should install the most recent release of stdlib for compatibility with Puppet modules. ###Version Compatibility @@ -1024,11 +1012,7 @@ Versions | Puppet 2.6 | Puppet 2.7 | Puppet 3.x | Puppet 4.x | ##Development -Puppet Labs modules on the Puppet Forge are open projects, and community contributions are essential for keeping them great. We can’t access the huge number of platforms and myriad of hardware, software, and deployment configurations that Puppet is intended to serve. - -We want to keep it as easy as possible to contribute changes so that our modules work in your environment. There are a few guidelines that we need contributors to follow so that we can have a chance of keeping on top of things. - -You can read the complete module contribution guide on the [Puppet Labs wiki](http://projects.puppetlabs.com/projects/module-site/wiki/Module_contributing). +Puppet Labs modules on the Puppet Forge are open projects, and community contributions are essential for keeping them great. We can’t access the huge number of platforms and myriad hardware, software, and deployment configurations that Puppet is intended to serve. We want to keep it as easy as possible to contribute changes so that our modules work in your environment. There are a few guidelines that we need contributors to follow so that we can have a chance of keeping on top of things. For more information, see our [module contribution guide.](https://docs.puppetlabs.com/forge/contributing.html) To report or research a bug with any part of this module, please go to [http://tickets.puppetlabs.com/browse/PUP](http://tickets.puppetlabs.com/browse/PUP). diff --git a/stdlib/lib/facter/facter_dot_d.rb b/stdlib/lib/facter/facter_dot_d.rb index b0584370a..d85940de5 100644 --- a/stdlib/lib/facter/facter_dot_d.rb +++ b/stdlib/lib/facter/facter_dot_d.rb @@ -8,7 +8,7 @@ # contains a cache TTL. For foo.sh store the ttl as just # a number in foo.sh.ttl # -# The cache is stored in /tmp/facts_cache.yaml as a mode +# The cache is stored in $libdir/facts_dot_d.cache as a mode # 600 file and will have the end result of not calling your # fact scripts more often than is needed diff --git a/stdlib/lib/puppet/parser/functions/fqdn_rotate.rb b/stdlib/lib/puppet/parser/functions/fqdn_rotate.rb index cf22d3681..d9741a02f 100644 --- a/stdlib/lib/puppet/parser/functions/fqdn_rotate.rb +++ b/stdlib/lib/puppet/parser/functions/fqdn_rotate.rb @@ -39,9 +39,9 @@ module Puppet::Parser::Functions if defined?(Random) == 'constant' && Random.class == Class offset = Random.new(seed).rand(elements) else - srand(seed) + old_seed = srand(seed) offset = rand(elements) - srand() + srand(old_seed) end end offset.times { diff --git a/stdlib/lib/puppet/parser/functions/validate_integer.rb b/stdlib/lib/puppet/parser/functions/validate_integer.rb index 995f8dbf8..95da0c4ef 100644 --- a/stdlib/lib/puppet/parser/functions/validate_integer.rb +++ b/stdlib/lib/puppet/parser/functions/validate_integer.rb @@ -109,6 +109,7 @@ module Puppet::Parser::Functions # check every element of the array input.each_with_index do |arg, pos| begin + raise TypeError if arg.is_a?(Hash) arg = Integer(arg.to_s) validator.call(arg) rescue TypeError, ArgumentError diff --git a/stdlib/lib/puppet/parser/functions/validate_numeric.rb b/stdlib/lib/puppet/parser/functions/validate_numeric.rb index d2e4d16a0..3a144434b 100644 --- a/stdlib/lib/puppet/parser/functions/validate_numeric.rb +++ b/stdlib/lib/puppet/parser/functions/validate_numeric.rb @@ -71,6 +71,7 @@ module Puppet::Parser::Functions # check every element of the array input.each_with_index do |arg, pos| begin + raise TypeError if arg.is_a?(Hash) arg = Float(arg.to_s) validator.call(arg) rescue TypeError, ArgumentError diff --git a/stdlib/lib/puppet/provider/file_line/ruby.rb b/stdlib/lib/puppet/provider/file_line/ruby.rb index e7854f001..c58e27eec 100644 --- a/stdlib/lib/puppet/provider/file_line/ruby.rb +++ b/stdlib/lib/puppet/provider/file_line/ruby.rb @@ -61,20 +61,22 @@ def handle_create_with_match() def handle_create_with_after regex = Regexp.new(resource[:after]) count = count_matches(regex) - case count - when 1 # find the line to put our line after - File.open(resource[:path], 'w') do |fh| - lines.each do |l| - fh.puts(l) - if regex.match(l) then - fh.puts(resource[:line]) - end + + if count > 1 && resource[:multiple].to_s != 'true' + raise Puppet::Error, "#{count} lines match pattern '#{resource[:after]}' in file '#{resource[:path]}'. One or no line must match the pattern." + end + + File.open(resource[:path], 'w') do |fh| + lines.each do |l| + fh.puts(l) + if regex.match(l) then + fh.puts(resource[:line]) end end - when 0 # append the line to the end of the file + end + + if (count == 0) # append the line to the end of the file append_line - else - raise Puppet::Error, "#{count} lines match pattern '#{resource[:after]}' in file '#{resource[:path]}'. One or no line must match the pattern." end end diff --git a/stdlib/spec/functions/type_of_spec.rb b/stdlib/spec/functions/type_of_spec.rb index 8afb62464..b8234600c 100644 --- a/stdlib/spec/functions/type_of_spec.rb +++ b/stdlib/spec/functions/type_of_spec.rb @@ -2,32 +2,12 @@ require 'spec_helper' -if ENV["FUTURE_PARSER"] == 'yes' or Puppet.version >= "4" - require 'puppet/pops' - require 'puppet/loaders' - - describe 'the type_of function' do - before(:all) do - loaders = Puppet::Pops::Loaders.new(Puppet::Node::Environment.create(:testing, [File.join(fixtures, "modules")])) - Puppet.push_context({:loaders => loaders}, "test-examples") - end - - after(:all) do - Puppet::Pops::Loaders.clear - Puppet::pop_context() - end - - let(:func) do - # Load the function from the environment modulepath's modules (ie, fixtures) - Puppet.lookup(:loaders).private_environment_loader.load(:function, 'type_of') - end - - it 'gives the type of a string' do - expect(func.call({}, 'hello world')).to be_kind_of(Puppet::Pops::Types::PStringType) - end +describe 'type_of', :if => Puppet.version.to_f >= 4.0 do + it 'gives the type of a string' do + expect(subject.call_function('type_of', 'hello world')).to be_kind_of(Puppet::Pops::Types::PStringType) + end - it 'gives the type of an integer' do - expect(func.call({}, 5)).to be_kind_of(Puppet::Pops::Types::PIntegerType) - end + it 'gives the type of an integer' do + expect(subject.call_function('type_of', 5)).to be_kind_of(Puppet::Pops::Types::PIntegerType) end end diff --git a/stdlib/spec/functions/validate_integer_spec.rb b/stdlib/spec/functions/validate_integer_spec.rb index 3865c4f58..e95da6a8c 100755 --- a/stdlib/spec/functions/validate_integer_spec.rb +++ b/stdlib/spec/functions/validate_integer_spec.rb @@ -62,6 +62,11 @@ expect { scope.compiler.compile }.to raise_error(Puppet::ParseError, /to be an Integer or Array/) end + it "should not compile when a Hash is passed as Array" do + Puppet[:code] = "validate_integer([{ 1 => 2 }])" + expect { scope.compiler.compile }.to raise_error(Puppet::ParseError, /to be an Integer/) + end + it "should not compile when an explicitly undef variable is passed" do Puppet[:code] = <<-'ENDofPUPPETcode' $foo = undef diff --git a/stdlib/spec/functions/validate_numeric_spec.rb b/stdlib/spec/functions/validate_numeric_spec.rb index 1623a3db3..c99d879e9 100755 --- a/stdlib/spec/functions/validate_numeric_spec.rb +++ b/stdlib/spec/functions/validate_numeric_spec.rb @@ -62,6 +62,11 @@ expect { scope.compiler.compile }.to raise_error(Puppet::ParseError, /to be a Numeric or Array/) end + it "should not compile when a Hash is passed in an Array" do + Puppet[:code] = "validate_numeric([{ 1 => 2 }])" + expect { scope.compiler.compile }.to raise_error(Puppet::ParseError, /to be a Numeric/) + end + it "should not compile when an explicitly undef variable is passed" do Puppet[:code] = <<-'ENDofPUPPETcode' $foo = undef diff --git a/stdlib/spec/unit/puppet/provider/file_line/ruby_spec.rb b/stdlib/spec/unit/puppet/provider/file_line/ruby_spec.rb index a84fc78e7..8fe3932b0 100755 --- a/stdlib/spec/unit/puppet/provider/file_line/ruby_spec.rb +++ b/stdlib/spec/unit/puppet/provider/file_line/ruby_spec.rb @@ -201,7 +201,7 @@ end end - context 'with two lines matching the after expression' do + context 'with multiple lines matching the after expression' do before :each do File.open(@tmpfile, 'w') do |fh| fh.write("foo1\nfoo = blah\nfoo2\nfoo1\nfoo = baz") @@ -211,6 +211,22 @@ it 'errors out stating "One or no line must match the pattern"' do expect { provider.create }.to raise_error(Puppet::Error, /One or no line must match the pattern/) end + + it 'adds the line after all lines matching the after expression' do + @resource = Puppet::Type::File_line.new( + { + :name => 'foo', + :path => @tmpfile, + :line => 'inserted = line', + :after => '^foo1$', + :multiple => true, + } + ) + @provider = provider_class.new(@resource) + expect(@provider.exists?).to be_nil + @provider.create + expect(File.read(@tmpfile).chomp).to eql("foo1\ninserted = line\nfoo = blah\nfoo2\nfoo1\ninserted = line\nfoo = baz") + end end context 'with no lines matching the after expression' do diff --git a/swift/Gemfile b/swift/Gemfile index 571fd65dc..4c65317ac 100644 --- a/swift/Gemfile +++ b/swift/Gemfile @@ -3,6 +3,7 @@ source 'https://rubygems.org' group :development, :test do gem 'puppetlabs_spec_helper', :require => false gem 'rspec-puppet', '~> 2.1.0', :require => false + gem 'minitest', '~> 4.7', :require => 'minitest/unit' gem 'metadata-json-lint' gem 'puppet-lint-param-docs' diff --git a/swift/manifests/proxy/cache.pp b/swift/manifests/proxy/cache.pp index e779d7788..a4023f319 100644 --- a/swift/manifests/proxy/cache.pp +++ b/swift/manifests/proxy/cache.pp @@ -23,7 +23,7 @@ ) { # require the memcached class if its on the same machine - if $memcache_servers =~ /^127\.0\.0\.1/ { + if grep(any2array($memcache_servers), '^127\.0\.0\.1') { Class['memcached'] -> Class['swift::proxy::cache'] } diff --git a/swift/manifests/storage/mount.pp b/swift/manifests/storage/mount.pp index a9f23a015..0ef11e832 100644 --- a/swift/manifests/storage/mount.pp +++ b/swift/manifests/storage/mount.pp @@ -58,11 +58,11 @@ # mounting in linux and puppet is broken and non-atomic # we have to mount, check mount with executing command, # fix ownership and on selinux systems fix context. - # It would be definetly nice if passing options uid=,gid= + # It would be definitely nice if passing options uid=,gid= # would be possible as context is. But, as there already is # chown command we'll just restorecon on selinux enabled # systems :( - if ($::selinux == 'true') { + if (str2bool($::selinux) == true) { exec { "restorecon_mount_${name}": command => "restorecon ${mnt_base_dir}/${name}", path => ['/usr/sbin', '/sbin'], diff --git a/swift/manifests/storage/server.pp b/swift/manifests/storage/server.pp index 1c03d5f3a..6d47900a2 100644 --- a/swift/manifests/storage/server.pp +++ b/swift/manifests/storage/server.pp @@ -101,7 +101,7 @@ group => $group, notify => Service["swift-${type}", "swift-${type}-replicator"], require => Package['swift'], - mode => 640, + mode => '0640', } $required_middlewares = split( diff --git a/swift/spec/acceptance/basic_swift_spec.rb b/swift/spec/acceptance/basic_swift_spec.rb index 5ae268d68..5c0e53afc 100644 --- a/swift/spec/acceptance/basic_swift_spec.rb +++ b/swift/spec/acceptance/basic_swift_spec.rb @@ -8,21 +8,33 @@ pp= <<-EOS Exec { logoutput => 'on_failure' } - include ::apt - # some packages are not autoupgraded in trusty. - # it will be fixed in liberty, but broken in kilo. - $need_to_be_upgraded = ['python-tz', 'python-pbr'] - apt::source { 'trusty-updates-kilo': - location => 'http://ubuntu-cloud.archive.canonical.com/ubuntu/', - release => 'trusty-updates', - required_packages => 'ubuntu-cloud-keyring', - repos => 'kilo/main', - trusted_source => true, - } ~> - exec { '/usr/bin/apt-get -y dist-upgrade': - refreshonly => true, + # Common resources + case $::osfamily { + 'Debian': { + include ::apt + class { '::openstack_extras::repo::debian::ubuntu': + release => 'kilo', + package_require => true, + } + } + 'RedHat': { + class { '::openstack_extras::repo::redhat::redhat': + # Kilo is not GA yet, so let's use the testing repo + manage_rdo => false, + repo_hash => { + 'rdo-kilo-testing' => { + 'baseurl' => 'https://repos.fedorapeople.org/repos/openstack/openstack-kilo/testing/el7/', + # packages are not GA so not signed + 'gpgcheck' => '0', + 'priority' => 97, + }, + }, + } + } + default: { + fail("Unsupported osfamily (${::osfamily})") + } } - Apt::Source['trusty-updates-kilo'] -> Package<| |> class { '::mysql::server': } diff --git a/swift/spec/acceptance/nodesets/nodepool-centos7.yml b/swift/spec/acceptance/nodesets/nodepool-centos7.yml new file mode 100644 index 000000000..aed4f0b26 --- /dev/null +++ b/swift/spec/acceptance/nodesets/nodepool-centos7.yml @@ -0,0 +1,9 @@ +HOSTS: + centos-70-x64: + roles: + - master + platform: el-7-x86_64 + hypervisor : none + ip: 127.0.0.1 +CONFIG: + type: foss diff --git a/tempest/spec/acceptance/nodesets/nodepool.yml b/swift/spec/acceptance/nodesets/nodepool-trusty.yml similarity index 100% rename from tempest/spec/acceptance/nodesets/nodepool.yml rename to swift/spec/acceptance/nodesets/nodepool-trusty.yml diff --git a/swift/spec/spec_helper_acceptance.rb b/swift/spec/spec_helper_acceptance.rb index 876ff0fa1..267c66d5f 100644 --- a/swift/spec/spec_helper_acceptance.rb +++ b/swift/spec/spec_helper_acceptance.rb @@ -27,14 +27,18 @@ # install library modules from the forge on host, puppet('module','install','puppetlabs-mysql'), { :acceptable_exit_codes => 0 } + on host, puppet('module','install','puppetlabs-concat','--version','1.2.2'), { :acceptable_exit_codes => 0 } on host, puppet('module','install','puppetlabs-apt', '--version', '1.8.0'), { :acceptable_exit_codes => 0 } on host, puppet('module','install','puppetlabs-inifile'), { :acceptable_exit_codes => 0 } on host, puppet('module','install','puppetlabs-rsync'), { :acceptable_exit_codes => 0 } on host, puppet('module','install','saz-memcached'), { :acceptable_exit_codes => 0 } on host, puppet('module','install','stahnma-epel'), { :acceptable_exit_codes => 0 } + # pin apt module until openstack_extras use >= 2.0.0 version + on host, puppet('module','install','puppetlabs-apt','--version','1.8.0'), { :acceptable_exit_codes => 0 } # install puppet modules from git, use master shell('git clone https://git.openstack.org/stackforge/puppet-openstacklib /etc/puppet/modules/openstacklib') + shell('git clone https://git.openstack.org/stackforge/puppet-openstack_extras /etc/puppet/modules/openstack_extras') shell('git clone https://git.openstack.org/stackforge/puppet-keystone /etc/puppet/modules/keystone') # Install the module being tested diff --git a/tempest/Gemfile b/tempest/Gemfile index 0d86f5b55..27df905bb 100644 --- a/tempest/Gemfile +++ b/tempest/Gemfile @@ -1,6 +1,7 @@ source 'https://rubygems.org' group :development, :test do + gem 'minitest', '~> 4.7', :require => 'minitest/unit' gem 'puppetlabs_spec_helper', :require => false gem 'rspec-puppet', '~> 2.1.0', :require => false diff --git a/tempest/spec/acceptance/nodesets/nodepool-centos7.yml b/tempest/spec/acceptance/nodesets/nodepool-centos7.yml new file mode 100644 index 000000000..aed4f0b26 --- /dev/null +++ b/tempest/spec/acceptance/nodesets/nodepool-centos7.yml @@ -0,0 +1,9 @@ +HOSTS: + centos-70-x64: + roles: + - master + platform: el-7-x86_64 + hypervisor : none + ip: 127.0.0.1 +CONFIG: + type: foss diff --git a/trove/spec/acceptance/nodesets/nodepool.yml b/tempest/spec/acceptance/nodesets/nodepool-trusty.yml similarity index 100% rename from trove/spec/acceptance/nodesets/nodepool.yml rename to tempest/spec/acceptance/nodesets/nodepool-trusty.yml diff --git a/trove/Gemfile b/trove/Gemfile index 571fd65dc..4c65317ac 100644 --- a/trove/Gemfile +++ b/trove/Gemfile @@ -3,6 +3,7 @@ source 'https://rubygems.org' group :development, :test do gem 'puppetlabs_spec_helper', :require => false gem 'rspec-puppet', '~> 2.1.0', :require => false + gem 'minitest', '~> 4.7', :require => 'minitest/unit' gem 'metadata-json-lint' gem 'puppet-lint-param-docs' diff --git a/trove/README.md b/trove/README.md index 901821cb2..bd6d40f8a 100644 --- a/trove/README.md +++ b/trove/README.md @@ -37,6 +37,13 @@ trove is a combination of Puppet manifest and ruby code to delivery configuratio Limitations ----------- +Security +-------- + +For security reasons, a separate in-cloud RabbitMQ cluster should be set up for Trove to use. The reason for this is that the guest agent needs to communicate with RabbitMQ, so it is not advisable to give instances access to the same RabbitMQ server that the core OpenStack services are using for communication. + +Please note that puppet-trove cannot check if this rule is being followed, so it is the deployer's responsibility to do it. + Beaker-Rspec ------------ diff --git a/trove/manifests/init.pp b/trove/manifests/init.pp index 2dbc39264..ea3ce331c 100644 --- a/trove/manifests/init.pp +++ b/trove/manifests/init.pp @@ -23,10 +23,16 @@ # # [*rabbit_host*] # (optional) Location of rabbitmq installation. +# Note that, for security reasons, this rabbitmq host should not be the +# same that the core openstack services are using for communication. See +# http://lists.openstack.org/pipermail/openstack-dev/2015-April/061759.html # Defaults to 'localhost' # # [*rabbit_hosts*] # (optional) List of clustered rabbit servers. +# Note that, for security reasons, these rabbitmq hosts should not be the +# same that the core openstack services are using for communication. See +# http://lists.openstack.org/pipermail/openstack-dev/2015-April/061759.html # Defaults to false # # [*rabbit_port*] @@ -156,6 +162,10 @@ # (optional) Use Neutron # Defaults to true # +# [*package_ensure*] +# (optional) The state of the package. +# Defaults to 'present' +# class trove( $nova_proxy_admin_pass, $rabbit_host = 'localhost', @@ -181,6 +191,7 @@ $cinder_url = false, $swift_url = false, $use_neutron = true, + $package_ensure = 'present', # DEPRECATED PARAMETERS $mysql_module = undef, ) { @@ -218,10 +229,25 @@ trove_config { 'DEFAULT/swift_url': ensure => absent } } + if $::osfamily == 'RedHat' { + # TO-DO(mmagr): Conditional should be removed as soon as following bug + # is really fixed. On Ubuntu trove-common is not installable without already + # running database and correctly filled trove.conf: + # https://bugs.launchpad.net/ubuntu/+source/openstack-trove/+bug/1365561 + package { 'trove': + ensure => $package_ensure, + name => $::trove::params::common_package_name + } + $group_require = Package['trove'] + } else { + $group_require = undef + } + group { 'trove': - ensure => 'present', - name => 'trove', - system => true, + ensure => 'present', + name => 'trove', + system => true, + require => $group_require } file { '/etc/trove/': diff --git a/trove/manifests/params.pp b/trove/manifests/params.pp index 04120d20c..71fad88e6 100644 --- a/trove/manifests/params.pp +++ b/trove/manifests/params.pp @@ -4,7 +4,8 @@ case $::osfamily { 'RedHat': { - $client_package_name = 'openstack-trove' + $client_package_name = 'python-troveclient' + $common_package_name = 'openstack-trove' $conductor_package_name = 'openstack-trove-conductor' $conductor_service_name = 'openstack-trove-conductor' $api_package_name = 'openstack-trove-api' @@ -16,6 +17,7 @@ } 'Debian': { $client_package_name = 'python-troveclient' + $common_package_name = 'trove-common' $conductor_package_name = 'trove-conductor' $conductor_service_name = 'trove-conductor' $api_package_name = 'trove-api' diff --git a/trove/manifests/taskmanager.pp b/trove/manifests/taskmanager.pp index 5ac9d2648..a41679023 100644 --- a/trove/manifests/taskmanager.pp +++ b/trove/manifests/taskmanager.pp @@ -250,4 +250,11 @@ } } + # TO-DO(mmagr): Disabling transformer workarounds bug #1402055. + # Remove this hack as soon as bug is fixed. + if $::osfamily == 'RedHat' { + trove_taskmanager_config { + 'DEFAULT/exists_notification_transformer': ensure => absent, + } + } } diff --git a/trove/spec/acceptance/basic_trove_spec.rb b/trove/spec/acceptance/basic_trove_spec.rb index 3bba12311..06889c490 100644 --- a/trove/spec/acceptance/basic_trove_spec.rb +++ b/trove/spec/acceptance/basic_trove_spec.rb @@ -8,27 +8,42 @@ pp= <<-EOS Exec { logoutput => 'on_failure' } - include ::apt - # some packages are not autoupgraded in trusty. - # it will be fixed in liberty, but broken in kilo. - $need_to_be_upgraded = ['python-tz', 'python-pbr'] - apt::source { 'trusty-updates-kilo': - location => 'http://ubuntu-cloud.archive.canonical.com/ubuntu/', - release => 'trusty-updates', - required_packages => 'ubuntu-cloud-keyring', - repos => 'kilo/main', - trusted_source => true, - } ~> - exec { '/usr/bin/apt-get -y dist-upgrade': - refreshonly => true, + # Common resources + case $::osfamily { + 'Debian': { + include ::apt + class { '::openstack_extras::repo::debian::ubuntu': + release => 'kilo', + package_require => true, + } + $package_provider = 'apt' + } + 'RedHat': { + class { '::openstack_extras::repo::redhat::redhat': + # Kilo is not GA yet, so let's use the testing repo + manage_rdo => false, + repo_hash => { + 'rdo-kilo-testing' => { + 'baseurl' => 'https://repos.fedorapeople.org/repos/openstack/openstack-kilo/testing/el7/', + # packages are not GA so not signed + 'gpgcheck' => '0', + 'priority' => 97, + }, + }, + } + $package_provider = 'yum' + } + default: { + fail("Unsupported osfamily (${::osfamily})") + } } - Apt::Source['trusty-updates-kilo'] -> Package<| |> class { '::mysql::server': } class { '::rabbitmq': delete_guest_user => true, erlang_cookie => 'secrete', + package_provider => $package_provider, } rabbitmq_vhost { '/': diff --git a/trove/spec/acceptance/nodesets/nodepool-centos7.yml b/trove/spec/acceptance/nodesets/nodepool-centos7.yml new file mode 100644 index 000000000..aed4f0b26 --- /dev/null +++ b/trove/spec/acceptance/nodesets/nodepool-centos7.yml @@ -0,0 +1,9 @@ +HOSTS: + centos-70-x64: + roles: + - master + platform: el-7-x86_64 + hypervisor : none + ip: 127.0.0.1 +CONFIG: + type: foss diff --git a/horizon/spec/acceptance/nodesets/nodepool.yml b/trove/spec/acceptance/nodesets/nodepool-trusty.yml similarity index 83% rename from horizon/spec/acceptance/nodesets/nodepool.yml rename to trove/spec/acceptance/nodesets/nodepool-trusty.yml index 757ba9851..a2c1ecc63 100644 --- a/horizon/spec/acceptance/nodesets/nodepool.yml +++ b/trove/spec/acceptance/nodesets/nodepool-trusty.yml @@ -1,5 +1,5 @@ HOSTS: - ubuntu-server-1404-x64: + ubuntu-14.04-amd64: roles: - master platform: ubuntu-14.04-amd64 diff --git a/trove/spec/classes/trove_init_spec.rb b/trove/spec/classes/trove_init_spec.rb index cbfd6efcb..a5d625f7d 100644 --- a/trove/spec/classes/trove_init_spec.rb +++ b/trove/spec/classes/trove_init_spec.rb @@ -30,12 +30,15 @@ end shared_examples_for 'trove' do - it { - is_expected.to contain_class('trove::params') - is_expected.to contain_trove_config('DEFAULT/nova_compute_url').with_value('http://localhost:8774/v2') - is_expected.to contain_trove_config('DEFAULT/cinder_url').with_value('http://localhost:8776/v1') - is_expected.to contain_trove_config('DEFAULT/swift_url').with_value('http://localhost:8080/v1/AUTH_') - } + + context 'with default parameters' do + it { + is_expected.to contain_class('trove::params') + is_expected.to contain_trove_config('DEFAULT/nova_compute_url').with_value('http://localhost:8774/v2') + is_expected.to contain_trove_config('DEFAULT/cinder_url').with_value('http://localhost:8776/v1') + is_expected.to contain_trove_config('DEFAULT/swift_url').with_value('http://localhost:8080/v1/AUTH_') + } + end end context 'on Debian platforms' do @@ -51,6 +54,13 @@ { :osfamily => 'RedHat' } end + it 'installs common package' do + should contain_package('trove').with( + :name => 'openstack-trove', + :ensure => 'present', + ) + end + it_configures 'trove' end end diff --git a/trove/spec/spec_helper_acceptance.rb b/trove/spec/spec_helper_acceptance.rb index e0b882713..451846008 100644 --- a/trove/spec/spec_helper_acceptance.rb +++ b/trove/spec/spec_helper_acceptance.rb @@ -26,16 +26,22 @@ shell('rm -fr /etc/puppet/modules/*') # install library modules from the forge + # pin apt module until openstack_extras use >= 2.0.0 version + on host, puppet('module','install','puppetlabs-apt','--version','1.8.0'), { :acceptable_exit_codes => 0 } + on host, puppet('module','install','puppetlabs-mysql'), { :acceptable_exit_codes => 0 } on host, puppet('module','install','dprince/qpid'), { :acceptable_exit_codes => 0 } on host, puppet('module','install','duritong/sysctl'), { :acceptable_exit_codes => 0 } on host, puppet('module','install','puppetlabs-inifile'), { :acceptable_exit_codes => 0 } on host, puppet('module','install','stahnma-epel'), { :acceptable_exit_codes => 0 } - on host, puppet('module','install','puppetlabs-rabbitmq'), { :acceptable_exit_codes => 0 } # install puppet modules from git, use master shell('git clone https://git.openstack.org/stackforge/puppet-openstacklib /etc/puppet/modules/openstacklib') + shell('git clone https://git.openstack.org/stackforge/puppet-openstack_extras /etc/puppet/modules/openstack_extras') shell('git clone https://git.openstack.org/stackforge/puppet-keystone /etc/puppet/modules/keystone') + # TODO(EmilienM) Cloning RabbitMQ module for now because we wait for a release including + # https://github.com/enovance/puppetlabs-rabbitmq/commit/0227f762070ffbbea3c28d6a60174de98fa4cc1c + shell('git clone https://github.com/puppetlabs/puppetlabs-rabbitmq/ /etc/puppet/modules/rabbitmq') # Install the module being tested puppet_module_install(:source => proj_root, :module_name => 'trove') diff --git a/vcsrepo/.travis.yml b/vcsrepo/.travis.yml index 291ceb3f5..727f6e76e 100644 --- a/vcsrepo/.travis.yml +++ b/vcsrepo/.travis.yml @@ -14,9 +14,14 @@ matrix: env: PUPPET_GEM_VERSION="~> 3.0" - rvm: 2.1.5 env: PUPPET_GEM_VERSION="~> 3.0" FUTURE_PARSER="yes" + - rvm: 2.1.6 + env: PUPPET_GEM_VERSION="~> 4.0" STRICT_VARIABLES="yes" - rvm: 1.8.7 env: PUPPET_GEM_VERSION="~> 2.7.0" FACTER_GEM_VERSION="~> 1.6.0" - rvm: 1.8.7 env: PUPPET_GEM_VERSION="~> 2.7.0" FACTER_GEM_VERSION="~> 1.7.0" + allow_failures: + - rvm: 2.1.6 + env: PUPPET_GEM_VERSION="~> 4.0" STRICT_VARIABLES="yes" notifications: email: false diff --git a/vcsrepo/CHANGELOG.md b/vcsrepo/CHANGELOG.md index 5b8f7d1e2..ad10e9730 100644 --- a/vcsrepo/CHANGELOG.md +++ b/vcsrepo/CHANGELOG.md @@ -1,55 +1,71 @@ -##2014-11-04 - Supported Release 1.2.0 -###Summary +# Change Log +All notable changes to this project will be documented in this file. This project adheres to [Semantic Versioning](http://semver.org/). +## [1.3.0] - 2015-05-19 Supported Release +### Summary +This release adds git provider remote handling, svn conflict resolution, and fixes the git provider when /tmp is mounted noexec. + +### Added +- `source` property now takes a hash of sources for the git provider's remotes +- Add `submodules` parameter to skip submodule initialization for git provider +- Add `conflict` to svn provider to resolve conflicts +- Add `branch` parameter to specify clone branch +- Readme rewrite + +### Fixed +- The git provider now works even if `/tmp` is noexec + +## [1.2.0] - 2014-11-04 Supported Release +### Summary This release includes some improvements for git, mercurial, and cvs providers, and fixes the bug where there were warnings about multiple default providers. -####Features +### Added - Update git and mercurial providers to set UID with `Puppet::Util::Execution.execute` instead of `su` - Allow git excludes to be string or array - Add `user` feature to cvs provider -####Bugfixes +### Fixed - No more warnings about multiple default providers! (MODULES-428) -##2014-07-14 - Supported Release 1.1.0 -###Summary -This release adds a Perforce provider* and corrects the git provider behavior +## [1.1.0] - 2014-07-14 Supported Release +### Summary +This release adds a Perforce provider\* and corrects the git provider behavior when using `ensure => latest`. -*(Only git provider is currently supported.) +\*(Only git provider is currently supported.) -####Features +### Added - New Perforce provider -####Bugfixes +### Fixed - (MODULES-660) Fix behavior with `ensure => latest` and detached HEAD - Spec test fixes -##2014-06-30 - Supported Release 1.0.2 -###Summary +## [1.0.2] - 2014-06-30 Supported Release +### Summary This supported release adds SLES 11 to the list of compatible OSs and documentation updates for support. -##2014-06-17 - Supported Release 1.0.1 -###Summary +## [1.0.1] - 2014-06-17 Supported Release +### Summary This release is the first supported release of vcsrepo. The readme has been greatly improved. -####Features +### Added - Updated and expanded readme to follow readme template -####Fixes +### Fixed - Remove SLES from compatability metadata - Unpin rspec development dependencies - Update acceptance level testing -##2014-06-04 - Version 1.0.0 -###Summary +## [1.0.0] - 2014-06-04 +### Summary This release focuses on a number of bugfixes, and also has some new features for Bzr and Git. -####Features +### Added - Bzr: - Call set_ownership - Git: @@ -57,7 +73,7 @@ new features for Bzr and Git. - Use -a and desired for HARD resets - Use rev-parse to get tag canonical revision -####Fixes +### Fixed - HG: - Only add ssh options when it's talking to the network - Git: @@ -68,14 +84,14 @@ new features for Bzr and Git. - SVN: - Fix svnlook behavior with plain directories -##2013-11-13 - Version 0.2.0 -###Summary +## 0.2.0 - 2013-11-13 +### Summary This release mainly focuses on a number of bugfixes, which should significantly improve the reliability of Git and SVN. Thanks to our many contributors for all of these fixes! -####Features +### Added - Git: - Add autorequire for Package['git'] - HG: @@ -88,7 +104,7 @@ our many contributors for all of these fixes! - CVS: - Allow for setting the CVS_RSH environment variable. -####Fixes +### Fixed - Handle Puppet::Util[::Execution].withenv for 2.x and 3.x properly. - Change path_empty? to not do full directory listing. - Overhaul spec tests to work with rspec2. @@ -108,3 +124,10 @@ our many contributors for all of these fixes! - Fix svn provider to look for '^Revision:' instead of '^Last Changed Rev:'. - CVS: - Documented the "module" attribute. + +[1.3.0]: https://github.com/puppetlabs/puppetlabs-vcsrepo/compare/1.2.0...1.3.0 +[1.2.0]: https://github.com/puppetlabs/puppetlabs-vcsrepo/compare/1.1.0...1.2.0 +[1.1.0]: https://github.com/puppetlabs/puppetlabs-vcsrepo/compare/1.0.2...1.1.0 +[1.0.2]: https://github.com/puppetlabs/puppetlabs-vcsrepo/compare/1.0.1...1.0.2 +[1.0.1]: https://github.com/puppetlabs/puppetlabs-vcsrepo/compare/1.0.0...1.0.1 +[1.0.0]: https://github.com/puppetlabs/puppetlabs-vcsrepo/compare/0.2.0...1.0.0 diff --git a/vcsrepo/README.markdown b/vcsrepo/README.markdown index 2433d99ff..badb1ce6c 100644 --- a/vcsrepo/README.markdown +++ b/vcsrepo/README.markdown @@ -1,591 +1,742 @@ -#vcsrepo +#vcsrepo + +####Table of Contents + +1. [Overview](#overview) +2. [Module Description - What the module does and why it is useful](#module-description) +3. [Setup - The basics of getting started with vcsrepo](#setup) + * [Setup requirements](#setup-requirements) + * [Beginning with vcsrepo](#beginning-with-vcsrepo) +4. [Usage - Configuration options and additional functionality](#usage) + * [Git](#git) + * [Bazaar](#bazaar) + * [CVS](#cvs) + * [Mercurial](#mercurial) + * [Perforce](#perforce) + * [Subversion](#subversion) +5. [Reference - An under-the-hood peek at what the module is doing and how](#reference) + * [Type: vcsrepo](#type-vcsrepo) + * [Providers](#providers) + * [Features](#features) + * [Parameters](#parameters) +5. [Limitations - OS compatibility, etc.](#limitations) +6. [Development - Guide for contributing to the module](#development) + +##Overview + +The vcsrepo module lets you use Puppet to easily deploy content from your version control system (VCS). + +##Module Description + +The vcsrepo module provides a single type with providers to support the following version control systems: + +* [Git](#git) +* [Bazaar](#bazaar) +* [CVS](#cvs) +* [Mercurial](#mercurial) +* [Perforce](#perforce) +* [Subversion](#subversion) + +**Note:** `git` is the only vcs provider officially [supported by Puppet Labs](https://forge.puppetlabs.com/supported). + +##Setup + +###Setup Requirements + +The `vcsrepo` module does not install any VCS software for you. You must install a VCS before you can use this module. + +Like Puppet in general, the `vcsrepo` module does not automatically create parent directories for the files it manages. Make sure to set up any needed directory structures before you get started. + +###Beginning with vcsrepo + +To create and manage a blank repository, define the type `vcsrepo` with a path to your repository and supply the `provider` parameter based on the [VCS you're using](#usage). + +~~~ +vcsrepo { '/path/to/repo': + ensure => present, + provider => git, +} +~~~ + +##Usage + +**Note:** `git` is the only vcsrepo provider officially [supported by Puppet Labs](https://forge.puppetlabs.com/supported). + +###Git + +####Create a blank repository + +To create a blank repository, suitable for use as a central repository, define `vcsrepo` without `source` or `revision`: + +~~~ +vcsrepo { '/path/to/repo': + ensure => present, + provider => git, +} +~~~ + +If you're managing a central or official repository, you might want to make it a bare repository. To do this, set `ensure` to 'bare': + +~~~ +vcsrepo { '/path/to/repo': + ensure => bare, + provider => git, +} +~~~ + +####Clone/pull a repository + +~~~ +vcsrepo { '/path/to/repo': + ensure => present, + provider => git, + source => 'git://example.com/repo.git', +} +~~~ + +By default, `vcsrepo` will use the HEAD of the source repository's master branch. To use another branch or a specific commit, set `revision` to either a branch name or a commit SHA or tag. + +Branch name: + +~~~ +vcsrepo { '/path/to/repo': + ensure => present, + provider => git, + source => 'git://example.com/repo.git', + revision => 'development', +} +~~~ + +SHA: + +~~~ +vcsrepo { '/path/to/repo': + ensure => present, + provider => git, + source => 'git://example.com/repo.git', + revision => '0c466b8a5a45f6cd7de82c08df2fb4ce1e920a31', +} +~~~ + +Tag: + +~~~ +vcsrepo { '/path/to/repo': + ensure => present, + provider => git, + source => 'git://example.com/repo.git', + revision => '1.1.2rc1', +} +~~~ + +To check out a branch as a specific user, supply the `user` parameter: + +~~~ +vcsrepo { '/path/to/repo': + ensure => present, + provider => git, + source => 'git://example.com/repo.git', + revision => '0c466b8a5a45f6cd7de82c08df2fb4ce1e920a31', + user => 'someUser', +} +~~~ + +To keep the repository at the latest revision, set `ensure` to 'latest'. + +**WARNING:** this overwrites any local changes to the repository: + +~~~ +vcsrepo { '/path/to/repo': + ensure => latest, + provider => git, + source => 'git://example.com/repo.git', + revision => 'master', +} +~~~ + +To clone the repository but skip initializing submodules, set `submodules` to 'false': + +~~~ +vcsrepo { '/path/to/repo': + ensure => latest, + provider => git, + source => 'git://example.com/repo.git', + submodules => false, +} +~~~ + +####Use multiple remotes with a repository +In place of a single string, you can set `source` to a hash of one or more name => URL pairs: + +~~~ +vcsrepo { '/path/to/repo': + ensure => present, + provider => git, + remote => 'origin' + source => { + 'origin' => 'https://github.com/puppetlabs/puppetlabs-vcsrepo.git', + 'other_remote' => 'https://github.com/other_user/puppetlabs-vcsrepo.git' + }, +} +~~~ + +**Note:** if you set `source` to a hash, one of the names you specify must match the value of the `remote` parameter. That remote serves as the upstream of your managed repository. + +####Connect via SSH + +To connect to your source repository via SSH (e.g., 'username@server:…'), we recommend managing your SSH keys with Puppet and using the [`require`](http://docs.puppetlabs.com/references/stable/metaparameter.html#require) metaparameter to make sure they are present before the `vcsrepo` resource is applied. + +To use SSH keys associated with a user, specify the username in the `user` parameter: + +~~~ +vcsrepo { '/path/to/repo': + ensure => latest, + provider => git, + source => 'git://username@example.com/repo.git', + user => 'toto', #uses toto's $HOME/.ssh setup + require => File['/home/toto/.ssh/id_rsa'], +} +~~~ + +###Bazaar + +####Create a blank repository + +To create a blank repository, suitable for use as a central repository, define `vcsrepo` without `source` or `revision`: + +~~~ +vcsrepo { '/path/to/repo': + ensure => present, + provider => bzr, +} +~~~ + +####Branch from an existing repository + +~~~ +vcsrepo { '/path/to/repo': + ensure => present, + provider => bzr, + source => '/some/path', +} +~~~ + +To branch from a specific revision, set `revision` to a valid [Bazaar revision spec](http://wiki.bazaar.canonical.com/BzrRevisionSpec): + +~~~ +vcsrepo { '/path/to/repo': + ensure => present, + provider => bzr, + source => '/some/path', + revision => 'menesis@pov.lt-20100309191856-4wmfqzc803fj300x', +} +~~~ + +####Connect via SSH + +To connect to your source repository via SSH (e.g., `'bzr+ssh://...'` or `'sftp://...,'`), we recommend using the [`require`](http://docs.puppetlabs.com/references/stable/metaparameter.html#require) metaparameter to make sure your SSH keys are present before the `vcsrepo` resource is applied: + +~~~ +vcsrepo { '/path/to/repo': + ensure => latest, + provider => bzr, + source => 'bzr+ssh://bzr.example.com/some/path', + user => 'toto', #uses toto's $HOME/.ssh setup + require => File['/home/toto/.ssh/id_rsa'], +} +~~~ + +###CVS + +####Create a blank repository + +To create a blank repository, suitable for use as a central repository, define `vcsrepo` without `source` or `revision`: + +~~~ +vcsrepo { '/path/to/repo': + ensure => present, + provider => cvs, +} +~~~ + +####Checkout/update from a repository + +~~~ +vcsrepo { '/path/to/workspace': + ensure => present, + provider => cvs, + source => ':pserver:anonymous@example.com:/sources/myproj', +} +~~~ + +To get a specific module on the current mainline, supply the `module` parameter: + +~~~ +vcsrepo {'/vagrant/lockss-daemon-source': + ensure => present, + provider => cvs, + source => ':pserver:anonymous@lockss.cvs.sourceforge.net:/cvsroot/lockss', + module => 'lockss-daemon', +} +~~~ + +To set the GZIP compression levels for your repository history, use the `compression` parameter: + +~~~ +vcsrepo { '/path/to/workspace': + ensure => present, + provider => cvs, + compression => 3, + source => ':pserver:anonymous@example.com:/sources/myproj', +} +~~~ + +To get a specific revision, set `revision` to the revision number. + +~~~ +vcsrepo { '/path/to/workspace': + ensure => present, + provider => cvs, + compression => 3, + source => ':pserver:anonymous@example.com:/sources/myproj', + revision => '1.2', +} +~~~ + +You can also set `revision` to a tag: + +~~~ +vcsrepo { '/path/to/workspace': + ensure => present, + provider => cvs, + compression => 3, + source => ':pserver:anonymous@example.com:/sources/myproj', + revision => 'SOMETAG', +} +~~~ + +####Connect via SSH + +To connect to your source repository via SSH, we recommend using the [`require`](http://docs.puppetlabs.com/references/stable/metaparameter.html#require) metaparameter to make sure your SSH keys are present before the `vcsrepo` resource is applied: + +~~~ +vcsrepo { '/path/to/repo': + ensure => latest, + provider => cvs, + source => ':pserver:anonymous@example.com:/sources/myproj', + user => 'toto', #uses toto's $HOME/.ssh setup + require => File['/home/toto/.ssh/id_rsa'], +} +~~~ + +###Mercurial + +####Create a blank repository + +To create a blank repository, suitable for use as a central repository, define `vcsrepo` without `source` or `revision`: + +~~~ +vcsrepo { '/path/to/repo': + ensure => present, + provider => hg, +} +~~~ + +####Clone/pull & update a repository + +To get the default branch tip: + +~~~ +vcsrepo { '/path/to/repo': + ensure => present, + provider => hg, + source => 'http://hg.example.com/myrepo', +} +~~~ + +For a specific changeset, use `revision`: + +~~~ +vcsrepo { '/path/to/repo': + ensure => present, + provider => hg, + source => 'http://hg.example.com/myrepo', + revision => '21ea4598c962', +} +~~~ + +You can also set `revision` to a tag: + +~~~ +vcsrepo { '/path/to/repo': + ensure => present, + provider => hg, + source => 'http://hg.example.com/myrepo', + revision => '1.1.2', +} +~~~ + +To check out as a specific user: + +~~~ +vcsrepo { '/path/to/repo': + ensure => present, + provider => hg, + source => 'http://hg.example.com/myrepo', + user => 'user', +} +~~~ + +To specify an SSH identity key: + +~~~ +vcsrepo { '/path/to/repo': + ensure => present, + provider => hg, + source => 'ssh://hg@hg.example.com/myrepo', + identity => '/home/user/.ssh/id_dsa1, +} +~~~ + +To specify a username and password for HTTP Basic authentication: + +~~~ +vcsrepo { '/path/to/repo': + ensure => latest, + provider => hg, + source => 'http://hg.example.com/myrepo', + basic_auth_username => 'hgusername', + basic_auth_password => 'hgpassword', +} +~~~ + +####Connect via SSH + +To connect to your source repository via SSH (e.g., `'ssh://...'`), we recommend using the [`require` metaparameter](http://docs.puppetlabs.com/references/stable/metaparameter.html#require) to make sure your SSH keys are present before the `vcsrepo` resource is applied: + +~~~ +vcsrepo { '/path/to/repo': + ensure => latest, + provider => hg, + source => 'ssh://hg.example.com//path/to/myrepo', + user => 'toto', #uses toto's $HOME/.ssh setup + require => File['/home/toto/.ssh/id_rsa'], +} +~~~ + +###Perforce + +####Create an empty workspace + +To set up the connection to your Perforce service, set `p4config` to the location of a valid Perforce [config file](http://www.perforce.com/perforce/doc.current/manuals/p4guide/chapter.configuration.html#configuration.settings.configfiles) stored on the node: + +~~~ +vcsrepo { '/path/to/repo': + ensure => present, + provider => p4, + p4config => '/root/.p4config' +} +~~~ + +**Note:** If you don't include the `P4CLIENT` setting in your config file, the provider generates a workspace name based on the digest of `path` and the node's hostname (e.g., `puppet-91bc00640c4e5a17787286acbe2c021c`): + +####Create/update and sync a Perforce workspace + +To sync a depot path to head, set `ensure` to 'latest': + +~~~ +vcsrepo { '/path/to/repo': + ensure => latest, + provider => p4, + source => '//depot/branch/...' +} +~~~ + +To sync to a specific changelist, specify its revision number with the `revision` parameter: + +~~~ +vcsrepo { '/path/to/repo': + ensure => present, + provider => p4, + source => '//depot/branch/...', + revision => '2341' +} +~~~ + +You can also set `revision` to a label: + +~~~ +vcsrepo { '/path/to/repo': + ensure => present, + provider => p4, + source => '//depot/branch/...', + revision => 'my_label' +} +~~~ + +###Subversion + +####Create a blank repository + +~~~ +vcsrepo { '/path/to/repo': + ensure => present, + provider => svn, +} +~~~ + +####Check out from an existing repository + +Provide a `source` pointing to the branch or tag you want to check out: + +~~~ +vcsrepo { '/path/to/repo': + ensure => present, + provider => svn, + source => 'svn://svnrepo/hello/branches/foo', +} +~~~ + +You can also designate a specific revision: + +~~~ +vcsrepo { '/path/to/repo': + ensure => present, + provider => svn, + source => 'svn://svnrepo/hello/branches/foo', + revision => '1234', +} +~~~ + +####Use a specific Subversion configuration directory + +Use the `configuration` parameter to designate the directory that contains your Subversion configuration files (typically, '/path/to/.subversion'): + +~~~ +vcsrepo { '/path/to/repo': + ensure => present, + provider => svn, + source => 'svn://svnrepo/hello/branches/foo', + configuration => '/path/to/.subversion', +} +~~~ + +####Connect via SSH + +To connect to your source repository via SSH (e.g., `'svn+ssh://...'`), we recommend using the [`require` metaparameter](http://docs.puppetlabs.com/references/stable/metaparameter.html#require) to make sure your SSH keys are present before the `vcsrepo` resource is applied: + +~~~ +vcsrepo { '/path/to/repo': + ensure => latest, + provider => svn, + source => 'svn+ssh://svnrepo/hello/branches/foo', + user => 'toto', #uses toto's $HOME/.ssh setup + require => File['/home/toto/.ssh/id_rsa'], +} +~~~ + +##Reference + +###Type: vcsrepo + +The vcsrepo module adds only one type with several providers. Each provider abstracts a different VCS, and each provider includes a set of features according to its needs. + +####Providers + +**Note:** Not all features are available with all providers. + +#####`git` - Supports the Git VCS. + +Features: `bare_repositories`, `depth`, `multiple_remotes`, `reference_tracking`, `ssh_identity`, `submodules`, `user` + +Parameters: `depth`, `ensure`, `excludes`, `force`, `group`, `identity`, `owner`, `path`, `provider`, `remote`, `revision`, `source`, `user` + +#####`bzr` - Supports the Bazaar VCS. + +Features: `reference_tracking` + +Parameters: `ensure`, `excludes`, `force`, `group`, `owner`, `path`, `provider`, `revision`, `source` + +#####`cvs` - Supports the CVS VCS. + +Features: `cvs_rsh`, `gzip_compression`, `modules`, `reference_tracking`, `user` + +Parameters: `compression`, `cvs_rsh`, `ensure`, `excludes`, `force`, `group`, `module`, `owner`, `path`, `provider` + +#####`hg` - Supports the Mercurial VCS. + +Features: `reference_tracking`, `ssh_identity`, `user` + +Parameters: `ensure`, `excludes`, `force`, `group`, `identity`, `owner`, `path`, `provider`, `revision`, `source`, `user` + +#####`p4` - Supports the Perforce VCS. + +Features: `p4config`, `reference_tracking` + +Parameters: `ensure`, `excludes`, `force`, `group`, `owner`, `p4config`, `path`, `provider`, `revision`, `source` + +#####`svn` - Supports the Subversion VCS. + +Features: `basic_auth`, `configuration`, `conflict`, `filesystem_types`, `reference_tracking` + +Parameters: `basic_auth_password`, `basic_auth_username`, `configuration`, `conflict`, `ensure`, `excludes`, `force`, `fstype`, `group`, `owner`, `path`, `provider`, `revision`, `source` + +####Features + +**Note:** Not all features are available with all providers. + +* `bare_repositories` - Differentiates between bare repositories and those with working copies. (Available with `git`.) +* `basic_auth` - Supports HTTP Basic authentication. (Available with `svn`.) +* `conflict` - Lets you decide how to resolve any conflicts between the source repository and your working copy. (Available with `svn`.) +* `configuration` - Lets you specify the location of your configuration files. (Available with `svn`.) +* `cvs_rsh` - Understands the `CVS_RSH` environment variable. (Available with `cvs`.) +* `depth` - Supports shallow clones. (Available with `git`.) +* `filesystem_types` - Supports multiple types of filesystem. (Available with `svn`.) +* `gzip_compression` - Supports explicit GZip compression levels. (Available with `cvs`.) +* `modules` - Lets you choose a specific repository module. (Available with `cvs`.) +* `multiple_remotes` - Tracks multiple remote repositories. (Available with `git`.) +* `reference_tracking` - Lets you track revision references that can change over time (e.g., some VCS tags and branch names). (Available with all providers) +* `ssh_identity` - Lets you specify an SSH identity file. (Available with `git` and `hg`.) +* `user` - Can run as a different user. (Available with `git`, `hg` and `cvs`.) +* `p4config` - Supports setting the `P4CONFIG` environment. (Available with `p4`.) +* `submodules` - Supports repository submodules which can be optionally initialized. (Available with `git`.) + +####Parameters + +All parameters are optional, except where specified otherwise. + +##### `basic_auth_password` -[![Build Status](https://travis-ci.org/puppetlabs/puppetlabs-vcsrepo.png?branch=master)](https://travis-ci.org/puppetlabs/puppetlabs-vcsrepo) +Specifies the password for HTTP Basic authentication. (Requires the `basic_auth` feature.) Valid options: a string. Default: none. -####Table of Contents +##### `basic_auth_username` -1. [Overview](#overview) -2. [Module Description - What the module does and why it is useful](#module-description) -3. [Setup - The basics of getting started with vcsrepo](#setup) - * [Beginning with vcsrepo](#beginning-with-vcsrepo) -4. [Usage - Configuration options and additional functionality](#usage) - * [Bazaar](#bazaar) - * [CVS](#cvs) - * [Git](#git) - * [Mercurial](#mercurial) - * [Perforce](#perforce) - * [Subversion](#subversion) -5. [Reference - An under-the-hood peek at what the module is doing and how](#reference) - * [Type: vcsrepo](#type-vcsrepo) - * [Providers](#providers) - * [Features](#features) - * [Parameters](#parameters) - * [Features and Parameters by Provider](#features-and-parameters-by-provider) -5. [Limitations - OS compatibility, etc.](#limitations) -6. [Development - Guide for contributing to the module](#development) +Specifies the username for HTTP Basic authentication. (Requires the `basic_auth` feature.) Valid options: a string. Default: none. -##Overview +##### `compression` -The vcsrepo module allows you to use Puppet to easily deploy content from your version control system (VCS). +Sets the GZIP compression level for the repository history. (Requires the `gzip_compression` feature.) Valid options: an integer between 0 and 6. Default: none. -##Module Description +##### `configuration` -This module provides a single type with providers for each VCS, which can be used to describe: +Sets the configuration directory to use. (Requires the `configuration` feature.) Valid options: a string containing an absolute path. Default: none. -* A working copy checked out from a (remote or local) source, at an - arbitrary revision -* A blank working copy not associated with a source (when it makes - sense for the VCS being used) -* A blank central repository (when the distinction makes sense for the VCS - being used) +##### `conflict` -##Setup +Tells Subversion how to resolve any conflicts between the source repository and your working copy. (Requires the `conflict` feature.) Valid options: 'base', 'mine-full', 'theirs-full', and 'working'. Default: none. -Before you begin using vcsrepo, it's worth keeping in mind that this module will not install VCS software for you. If you are going to use this module, you must have already installed your preferred VCS. +##### `cvs_rsh` -Also, this module, like Puppet generally, will not create parent directories for you. You will need to have your parent directories in place before you begin. +Provides a value for the `CVS_RSH` environment variable. (Requires the `cvs_rsh` feature.) Valid options: a string. Default: none. -###Beginning with vcsrepo +##### `depth` -To get started with the vcsrepo module, you must simply define the type `vcsrepo` with a path to your repository and the [type of VCS](#Usage) you're using in `provider` (in the below example, Git). +Sets the number of commits to include when creating a shallow clone. (Requires the `depth` feature.) Valid options: an integer. Default: none. - vcsrepo { '/path/to/repo': - ensure => present, - provider => git, - } +##### `ensure` -##Usage +Specifies whether the repository should exist. Valid options: 'present', 'bare', 'absent', and 'latest'. Default: 'present'. -The vcsrepo module works with the following VCSs: +##### `excludes` -* [Git (git)](#git)* -* [Bazaar (bzr)](#bazaar) -* [CVS (cvs)](#cvs) -* [Mercurial (hg)](#mercurial) -* [Perforce (p4)](#perforce) -* [Subversion (svn)](#subversion) +Lists any files the repository shouldn't track (similar to .gitignore). Valid options: a string (separate multiple values with the newline character). Default: none. -**Note:** Git is the only VCS provider officially [supported](https://forge.puppetlabs.com/supported) by Puppet Labs. +##### `force` +Specifies whether to delete any existing files in the repository path if creating a new repository. **Use with care.** Valid options: 'true' and 'false'. Default: 'false'. -###Git +##### `fstype` -#####To create a blank repository +Sets the filesystem type. (Requires the `filesystem_types` feature.) Valid options: 'fsfs' or 'bdb'. Default: none. -To create a blank repository suitable for use as a central repository, -define `vcsrepo` without `source` or `revision`. +##### `group` - vcsrepo { '/path/to/repo': - ensure => present, - provider => git, - } +Specifies a group to own the repository files. Valid options: a string containing a group name or GID. Default: none. -If you're defining `vcsrepo` for a central or official repository, you may want to make it a bare repository. You do this by setting `ensure` to 'bare' rather than 'present'. +##### `identity` - vcsrepo { '/path/to/repo': - ensure => bare, - provider => git, - } +Specifies an identity file to use for SSH authentication. (Requires the `ssh_identity` feature.) Valid options: a string containing an absolute path. Default: none. -#####To clone/pull a repository +##### `module` -To get the current HEAD on the master branch, +Specifies the repository module to manage. (Requires the `modules` feature.) Valid options: a string containing the name of a CVS module. Default: none. - vcsrepo { '/path/to/repo': - ensure => present, - provider => git, - source => 'git://example.com/repo.git', - } +##### `owner` -To get a specific revision or branch (can be a commit SHA, tag, or branch name), +Specifies a user to own the repository files. Valid options: a string containing a username or UID. Default: none. - **SHA** +##### `p4config` - vcsrepo { '/path/to/repo': - ensure => present, - provider => git, - source => 'git://example.com/repo.git', - revision => '0c466b8a5a45f6cd7de82c08df2fb4ce1e920a31', - } +Specifies a config file that contains settings for connecting to the Perforce service. (Requires the `p4config` feature.) Valid options: a string containing the absolute path to a valid [Perforce config file](http://www.perforce.com/perforce/doc.current/manuals/p4guide/chapter.configuration.html#configuration.settings.configfiles). Default: none. -**Tag** +##### `path` - vcsrepo { '/path/to/repo': - ensure => present, - provider => git, - source => 'git://example.com/repo.git', - revision => '1.1.2rc1', - } +Specifies a location for the managed repository. Valid options: a string containing an absolute path. Default: the title of your declared resource. -**Branch name** +##### `provider` - vcsrepo { '/path/to/repo': - ensure => present, - provider => git, - source => 'git://example.com/repo.git', - revision => 'development', - } +*Required.* Specifies the backend to use for this vcsrepo resource. Valid options: 'bzr', 'cvs', 'git', 'hg', 'p4', and 'svn'. -To check out a branch as a specific user, +##### `remote` - vcsrepo { '/path/to/repo': - ensure => present, - provider => git, - source => 'git://example.com/repo.git', - revision => '0c466b8a5a45f6cd7de82c08df2fb4ce1e920a31', - user => 'someUser', - } +Specifies the remote repository to track. (Requires the `multiple_remotes` feature.) Valid options: a string containing one of the remote names specified in `source`. Default: 'origin'. -To keep the repository at the latest revision (**WARNING:** this will always overwrite local changes to the repository), +##### `revision` - vcsrepo { '/path/to/repo': - ensure => latest, - provider => git, - source => 'git://example.com/repo.git', - revision => 'master', - } +Sets the revision of the repository. Valid options vary by provider: -To clone the repository but skip initialiazing submodules, +* `git` - a string containing a Git branch name, or a commit SHA or tag +* `bzr` - a string containing a Bazaar [revision spec](http://wiki.bazaar.canonical.com/BzrRevisionSpec) +* `cvs` - a string containing a CVS [tag or revision number](http://www.thathost.com/wincvs-howto/cvsdoc/cvs_4.html) +* `hg` - a string containing a Mercurial [changeset ID](http://mercurial.selenic.com/wiki/ChangeSetID) or [tag](http://mercurial.selenic.com/wiki/Tag) +* `p4` - a string containing a Perforce [change number, label name, client name, or date spec](http://www.perforce.com/perforce/r12.1/manuals/cmdref/o.fspecs.html) +* `svn` - a string containing a Subversion [revision number](http://svnbook.red-bean.com/en/1.7/svn.basic.in-action.html#svn.basic.in-action.revs), [revision keyword, or revision date](http://svnbook.red-bean.com/en/1.7/svn.tour.revs.specifiers.html) - vcsrepo { '/path/to/repo': - ensure => latest, - provider => git, - source => 'git://example.com/repo.git', - submodules => false, - } +Default: none. -##### Using multiple remotes with a repository -Instead of specifying a single string in the 'source' property, you can specify a hash with multiple name => URL mappings, +##### `source` - vcsrepo { '/path/to/repo': - ensure => present, - provider => git, - source => { - origin => 'https://github.com/puppetlabs/puppetlabs-vcsrepo.git', - other_remote => 'https://github.com/other_user/puppetlabs-vcsrepo.git' - }, - } +Specifies a source repository to serve as the upstream for your managed repository. Default: none. Valid options vary by provider: -It is important to note that you must specify a mapping for the remote that is specified in the 'remote' property - this is set to 'origin' by default. +* `git` - a string containing a [Git repository URL](https://www.kernel.org/pub/software/scm/git/docs/git-clone.html#_git_urls_a_id_urls_a) or a hash of name => URL mappings. See also [`remote`](#remote). +* `bzr` - a string containing a Bazaar branch location +* `cvs` - a string containing a CVS root +* `hg` - a string containing the local path or URL of a Mercurial repository +* `p4` - a string containing a Perforce depot path +* `svn` - a string containing a Subversion repository URL -#####Sources that use SSH +Default: none. -When your source uses SSH, such as 'username@server:…', you can manage your SSH keys with Puppet using the [require](http://docs.puppetlabs.com/references/stable/metaparameter.html#require) metaparameter in `vcsrepo` to ensure they are present. +##### `submodules` -For SSH keys associated with a user, enter the username in the `user` parameter. Doing so will use that user's keys. +Specifies whether to initialize and update each submodule in the repository. (Requires the `submodules` feature.) Valid options: 'true' and 'false'. Default: 'true'. - user => 'toto' # will use toto's $HOME/.ssh setup +##### `user` -#####Further Examples - -For more examples using Git, see `examples/git/`. - -###Bazaar - -#####Create a blank repository - -To create a blank repository suitable for use as a central repository, -define `vcsrepo` without `source` or `revision`. - - vcsrepo { '/path/to/repo': - ensure => present, - provider => bzr, - } - -#####Branch from an existing repository - -Provide the `source` location to branch from an existing repository. - - vcsrepo { '/path/to/repo': - ensure => present, - provider => bzr, - source => 'lp:myproj', - } - -For a specific revision, use `revision` with a valid revisionspec -(see `bzr help revisionspec` for more information on formatting a revision). - - vcsrepo { '/path/to/repo': - ensure => present, - provider => bzr, - source => 'lp:myproj', - revision => 'menesis@pov.lt-20100309191856-4wmfqzc803fj300x', - } - -#####Sources that use SSH - -When your source uses SSH, for instance 'bzr+ssh://...' or 'sftp://...,' -you can manage your SSH keys with Puppet using the [require](http://docs.puppetlabs.com/references/stable/metaparameter.html#require) metaparameter in `vcsrepo` to ensure they are present. - -#####Further examples - -For more examples using Bazaar, see `examples/bzr/`. - -###CVS - -#####To create a blank repository - -To create a blank repository suitable for use as a central repository, -define `vcsrepo` without `source` or `revision`. - - vcsrepo { '/path/to/repo': - ensure => present, - provider => cvs, - } - -#####To checkout/update from a repository - -To get the current mainline, - - vcsrepo { '/path/to/workspace': - ensure => present, - provider => cvs, - source => ':pserver:anonymous@example.com:/sources/myproj', - } - -To get a specific module on the current mainline, - - vcsrepo {'/vagrant/lockss-daemon-source': - ensure => present, - provider => cvs, - source => ':pserver:anonymous@lockss.cvs.sourceforge.net:/cvsroot/lockss', - module => 'lockss-daemon', - } - - -You can use the `compression` parameter to set the GZIP compression levels for your repository history. - - vcsrepo { '/path/to/workspace': - ensure => present, - provider => cvs, - compression => 3, - source => ':pserver:anonymous@example.com:/sources/myproj', - } - -For a specific tag, use `revision`. - - vcsrepo { '/path/to/workspace': - ensure => present, - provider => cvs, - compression => 3, - source => ':pserver:anonymous@example.com:/sources/myproj', - revision => 'SOMETAG', - } - -#####Sources that use SSH - -When your source uses SSH, you can manage your SSH keys with Puppet using the [require](http://docs.puppetlabs.com/references/stable/metaparameter.html#require) metaparameter in `vcsrepo` to ensure they are present. - -#####Further examples - -For for more examples using CVS, see `examples/cvs/`. - -###Mercurial - -#####To create a blank repository - -To create a blank repository suitable for use as a central repository, -define `vcsrepo` without `source` or `revision`. - - vcsrepo { '/path/to/repo': - ensure => present, - provider => hg, - } - -#####To clone/pull & update a repository - -To get the default branch tip, - - vcsrepo { '/path/to/repo': - ensure => present, - provider => hg, - source => 'http://hg.example.com/myrepo', - } - -For a specific changeset, use `revision`. - - vcsrepo { '/path/to/repo': - ensure => present, - provider => hg, - source => 'http://hg.example.com/myrepo', - revision => '21ea4598c962', - } - -You can also set `revision` to a tag. - - vcsrepo { '/path/to/repo': - ensure => present, - provider => hg, - source => 'http://hg.example.com/myrepo', - revision => '1.1.2', - } - -To check out as a specific user, - - vcsrepo { '/path/to/repo': - ensure => present, - provider => hg, - source => 'http://hg.example.com/myrepo', - user => 'user', - } - -To specify an SSH identity key, - - vcsrepo { '/path/to/repo': - ensure => present, - provider => hg, - source => 'ssh://hg@hg.example.com/myrepo', - identity => '/home/user/.ssh/id_dsa', - } - -To specify a username and password for HTTP Basic authentication, - - vcsrepo { '/path/to/repo': - ensure => latest, - provider => hg, - source => 'http://hg.example.com/myrepo', - basic_auth_username => 'hgusername', - basic_auth_password => 'hgpassword', - } - -#####Sources that use SSH - -When your source uses SSH, such as 'ssh://...', you can manage your SSH keys with Puppet using the [require](http://docs.puppetlabs.com/references/stable/metaparameter.html#require) metaparameter in `vcsrepo` to ensure they are present. - -#####Further Examples - -For more examples using Mercurial, see `examples/hg/`. - -###Perforce - -#####To create an empty Workspace - -To create an empty Workspace, define a `vcsrepo` without a `source` or `revision`. The -Environment variables P4PORT, P4USER, etc... are used to define the Perforce server -connection settings. - - vcsrepo { '/path/to/repo': - ensure => present, - provider => p4 - } - -If no `P4CLIENT` environment name is provided a workspace generated name is calculated -based on the Digest of path and hostname. For example: - - puppet-91bc00640c4e5a17787286acbe2c021c - -A Perforce configuration file can be used by setting the `P4CONFIG` environment or -defining `p4config`. If a configuration is defined, then the environment variable for -`P4CLIENT` is replaced. - - vcsrepo { '/path/to/repo': - ensure => present, - provider => p4, - p4config => '.p4config' - } - -#####To create/update and sync a Perforce workspace - -To sync a depot path to head, ensure `latest`: - - vcsrepo { '/path/to/repo': - ensure => latest, - provider => p4, - source => '//depot/branch/...' - } - -For a specific changelist, ensure `present` and specify a `revision`: - - vcsrepo { '/path/to/repo': - ensure => present, - provider => p4, - source => '//depot/branch/...', - revision => '2341' - } - -You can also set `revision` to a label: - - vcsrepo { '/path/to/repo': - ensure => present, - provider => p4, - source => '//depot/branch/...', - revision => 'my_label' - } - -#####To authenticate against the Perforce server - -Either set the environment variables `P4USER` and `P4PASSWD` or use a configuration file. -For secure servers set the `P4PASSWD` with a valid ticket generated using `p4 login -p`. - -#####Further Examples - -For examples you can run, see `examples/p4/` - -###Subversion - -#####To create a blank repository - -To create a blank repository suitable for use as a central repository, -define `vcsrepo` without `source` or `revision`. - - vcsrepo { '/path/to/repo': - ensure => present, - provider => svn, - } - -#####To check out from a repository - -Provide a `source` pointing to the branch/tag you want to check out from a repository. - - vcsrepo { '/path/to/repo': - ensure => present, - provider => svn, - source => 'svn://svnrepo/hello/branches/foo', - } - -You can also provide a specific revision. - - vcsrepo { '/path/to/repo': - ensure => present, - provider => svn, - source => 'svn://svnrepo/hello/branches/foo', - revision => '1234', - } - -#####Using a specific Subversion configuration directory - -To use a specific configuration directory, provide a `configuration` parameter which should be a directory path on the local system where your svn configuration files are. Typically, it is '/path/to/.subversion'. - - vcsrepo { '/path/to/repo': - ensure => present, - provider => svn, - source => 'svn://svnrepo/hello/branches/foo', - configuration => '/path/to/.subversion', - } - -#####Sources that use SSH - -When your source uses SSH, such as 'svn+ssh://...', you can manage your SSH keys with Puppet using the [require](http://docs.puppetlabs.com/references/stable/metaparameter.html#require) metaparameter in `vcsrepo` to ensure they are present. - -####Further examples - -For more examples using Subversion, see `examples/svn/`. - -##Reference - -###Type: vcsrepo - -The vcsrepo module is slightly unusual in that it is simply a type and providers. Each provider abstracts a different VCS, and a series of features are available to each provider based on its specific needs. - -####Providers - -**Note**: Not all features are available with all providers. - -* `git` - Supports the Git VCS. (Contains features: `bare_repositories`, `depth`, `multiple_remotes`, `reference_tracking`, `ssh_identity`, `user`.) -* `bar` - Supports the Bazaar VCS. (Contains features: `reference_tracking`.) -* `cvs` - Supports the CVS VCS. (Contains features: `cvs_rsh`, `gzip_compression`, `modules`, `reference_tracking`, `user`.) -* `dummy` - -* `hg` - Supports the Mercurial VCS. (Contains features: `reference_tracking`, `ssh_identity`, `user`.) -* `p4` - Supports the Perforce VCS. (Contains features: `reference_tracking`, `filesystem_types`, `p4config`.) -* `svn` - Supports the Subversion VCS. (Contains features: `basic_auth`, `configuration`, `filesystem_types`, `reference_tracking`.) - -####Features - -**Note**: Not all features are available with all providers. - -* `bare_repositories` - The provider differentiates between bare repositories and those with working copies. (Available with `git`.) -* `basic_auth` - The provider supports HTTP Basic Authentication. (Available with `svn`.) -* `configuration` - The provider supports setting the configuration path.(Available with `svn`.) -* `cvs_rsh` - The provider understands the CVS_RSH environment variable. (Available with `cvs`.) -* `depth` - The provider can do shallow clones. (Available with `git`.) -* `filesystem_types` - The provider supports different filesystem types. (Available with `svn`.) -* `gzip_compression` - The provider supports explicit GZip compression levels. (Available with `cvs`.) -* `modules` - The provider allows specific repository modules to be chosen. (Available with `cvs`.) -* `multiple_remotes` - The repository tracks multiple remote repositories. (Available with `git`.) -* `reference_tracking` - The provider supports tracking revision references that can change over time (e.g. some VCS tags and branch names). (Available with `bar`, `cvs`, `git`, `hg`, `svn`.) -* `ssh_identity` - The provider supports a configurable SSH identity file. (Available with `git` and `hg`.) -* `user` - The provider can run as a different user. (Available with `git`, `hg` and `cvs`.) -* `p4config` - The provider support setting the P4CONFIG environment. (Available with `p4`.) -* `submodules` - The provider supports repository submodules which can be optionally initialized. (Available with `git`.) - -####Parameters - -* `basic_auth_password` - Specifies the HTTP Basic Authentication password. (Requires the `basic_auth` feature.) -* `basic_auth_username` - Specifies the HTTP Basic Authentication username. (Requires the `basic_auth` feature.) -* `compression` - Set the GZIP compression levels for your repository history. (Requires the `gzip_compression` feature.) -* `configuration` - Sets the configuration directory to use. (Requires the `configuration` feature.) -* `cvs_rsh` - The value to be used for the CVS_RSH environment variable. (Requires the `cvs_rsh` feature.) -* `depth` - The value to be used to do a shallow clone. (Requires the `depth` feature.) -* `ensure` - Determines the state of the repository. Valid values are 'present', 'bare', 'absent', 'latest'. -* `excludes` - Lists any files to be excluded from being tracked by the repository (similiar to .gitignore). Can be an array or string. -* `force` - Forces repository creation. Valid values are 'true' and 'false'. **WARNING** Forcing will destroy any files in the path. -* `fstype` - Sets the filesystem type. (Requires the `filesystem_types` feature.) -* `group` - Determines the group/gid that owns the repository files. -* `identity` - Specifies the SSH identity file. (Requires the `ssh_identity` feature.) -* `module` - Specifies the repository module to manage. (Requires the `modules` feature.) -* `owner` - Specifies the user/uid that owns the repository files. -* `path` - Specifies the absolute path to the repository. If omitted, the value defaults to the resource's title. -* `provider` - Specifies the backend to use for this vcsrepo resource. -* `remote` - Specifies the remote repository to track. (Requires the `multiple_remotes` feature.) -* `revision` - Sets the revision of the repository. Values can match /^\S+$/. -* `source` - Specifies the source URI for the repository. -* `user` - Specifies the user to run as for repository operations. -* `p4config` - Specifies the P4CONFIG environment used for Perforce connection configuration. - -####Features and Parameters by Provider - -#####`git` -**Features**: `bare_repositories`, `depth`, `multiple_remotes`, `reference_tracking`, `ssh_identity`, `user`, `submodules` - -**Parameters**: `depth`, `ensure`, `excludes`, `force`, `group`, `identity`, `owner`, `path`, `provider`, `remote`, `revision`, `source`, `user`, `submodules` - -#####`bzr` -**Features**: `reference_tracking` - -**Parameters**: `ensure`, `excludes`, `force`, `group`, `owner`, `path`, `provider`, `revision`, `source`, `user` - -#####`cvs` -**Features**: `cvs_rsh`, `gzip_compression`, `modules`, `reference_tracking`, `revision` - -**Parameters**: `compression`, `cvs_rsh`, `ensure`, `excludes`, `force`, `group`, `module`, `owner`, `path`, `provider`, `revision`, `source`, `user` - -#####`hg` -**Features**: `reference_tracking`, `ssh_identity`, `user` - -**Parameters**: `ensure`, `excludes`, `force`, `group`, `identity`, `owner`, `path`, `provider`, `revision`, `source`, `user` - -#####`p4` -**Features**: `reference_tracking`, `filesystem_types`, `p4config` - -**Parameters**: `ensure`, `group`, `owner`, `path`, `provider`, `revision`, `source`, `p4config` - -#####`svn` -**Features**: `basic_auth`, `configuration`, `filesystem_types`, `reference_tracking` - -**Parameters**: `basic_auth_password`, `basic_auth_username`, `configuration`, `ensure`, `excludes`, `force`, `fstype`, `group`, `owner`, `path`, `provider`, `revision`, `source`, `user` - -##Limitations - -Git is the only VCS provider officially [supported](https://forge.puppetlabs.com/supported) by Puppet Labs. - -This module has been built on and tested against Puppet 2.7 and higher. - -The module has been tested on: - -RedHat Enterprise Linux 5/6 -Debian 6/7 -CentOS 5/6 -Ubuntu 12.04 -Gentoo -Arch Linux -FreeBSD - -Testing on other platforms has been light and cannot be guaranteed. - -##Development - -Puppet Labs modules on the Puppet Forge are open projects, and community contributions are essential for keeping them great. We can’t access the huge number of platforms and myriad of hardware, software, and deployment configurations that Puppet is intended to serve. - -We want to keep it as easy as possible to contribute changes so that our modules work in your environment. There are a few guidelines that we need contributors to follow so that we can have a chance of keeping on top of things. - -You can read the complete module contribution guide on the Puppet Labs wiki. +Specifies the user to run as for repository operations. (Requires the `user` feature.) Valid options: a string containing a username or UID. Default: none. + +##Limitations + +Git is the only VCS provider officially [supported](https://forge.puppetlabs.com/supported) by Puppet Labs. + +This module has been tested with Puppet 2.7 and higher. + +The module has been tested on: + +* CentOS 5/6/7 +* Debian 6/7 +* Oracle 5/6/7 +* Red Hat Enterprise Linux 5/6/7 +* Scientific Linux 5/6/7 +* SLES 10/11/12 +* Ubuntu 10.04/12.04/14.04 + +Testing on other platforms has been light and cannot be guaranteed. + +##Development + +Puppet Labs modules on the Puppet Forge are open projects, and community contributions are essential for keeping them great. We can't access the huge number of platforms and myriad of hardware, software, and deployment configurations that Puppet is intended to serve. + +We want to keep it as easy as possible to contribute changes so that our modules work in your environment. There are a few guidelines that we need contributors to follow so that we can have a chance of keeping on top of things. + +You can read the complete module contribution guide [on the Puppet Labs wiki.](http://projects.puppetlabs.com/projects/module-site/wiki/Module_contributing) diff --git a/vcsrepo/lib/puppet/provider/vcsrepo/git.rb b/vcsrepo/lib/puppet/provider/vcsrepo/git.rb index 810125323..49ac6486f 100644 --- a/vcsrepo/lib/puppet/provider/vcsrepo/git.rb +++ b/vcsrepo/lib/puppet/provider/vcsrepo/git.rb @@ -75,7 +75,7 @@ def revision=(desired) at_path { git_with_identity('reset', '--hard', "#{@resource.value(:remote)}/#{desired}") } end #TODO Would this ever reach here if it is bare? - if @resource.value(:ensure) != :bare + if @resource.value(:ensure) != :bare && @resource.value(:submodules) == :true update_submodules end update_owner_and_excludes @@ -418,7 +418,7 @@ def update_owner_and_excludes # @!visibility private def git_with_identity(*args) if @resource.value(:identity) - Tempfile.open('git-helper') do |f| + Tempfile.open('git-helper', Puppet[:statedir]) do |f| f.puts '#!/bin/sh' f.puts "exec ssh -oStrictHostKeyChecking=no -oPasswordAuthentication=no -oKbdInteractiveAuthentication=no -oChallengeResponseAuthentication=no -oConnectTimeout=120 -i #{@resource.value(:identity)} $*" f.close diff --git a/vcsrepo/metadata.json b/vcsrepo/metadata.json index 242583a57..ef74e8695 100644 --- a/vcsrepo/metadata.json +++ b/vcsrepo/metadata.json @@ -1,6 +1,6 @@ { "name": "puppetlabs-vcsrepo", - "version": "1.2.0", + "version": "1.3.0", "author": "Puppet Labs", "summary": "Puppet module providing a type to manage repositories from various version control systems", "license": "GPLv2", diff --git a/vswitch/manifests/ovs.pp b/vswitch/manifests/ovs.pp index e04c6226f..5824d6df9 100644 --- a/vswitch/manifests/ovs.pp +++ b/vswitch/manifests/ovs.pp @@ -1,22 +1,52 @@ # vswitch: open-vswitch +# == Class: vswitch::ovs +# +# installs openvswitch +# +# === Parameters: # # [*package_ensure*] # (Optional) State of the openvswitch package # Defaults to 'present'. # +# [*dkms_ensure*] +# (optional) on debian/wheezy, ubuntu/precise, ubuntu/trusty and +# ubuntu/utopic dkms (Dynamic Kernel Module Support) is used to +# have a kernel module which matches the running kernel. +# In newer distributions (which ship with a newer kernel) dkms +# is not available anymore for openvswitch. +# For RedHat this parameter is ignored. +# If you like turn off dkms on Debian/Ubuntu set to +# false. defaults to true. + class vswitch::ovs( - $package_ensure = 'present' + $package_ensure = 'present', + $dkms_ensure = true, ) { include ::vswitch::params case $::osfamily { 'Debian': { - # OVS doesn't build unless the kernel headers are present. - $kernelheaders_pkg = "linux-headers-${::kernelrelease}" - if ! defined(Package[$kernelheaders_pkg]) { - package { $kernelheaders_pkg: ensure => $package_ensure } + + if $dkms_ensure { + package { $::vswitch::params::ovs_dkms_package_name: + ensure => $package_ensure, + } + # OVS doesn't build unless the kernel headers are present. + $kernelheaders_pkg = "linux-headers-${::kernelrelease}" + if ! defined(Package[$kernelheaders_pkg]) { + package { $kernelheaders_pkg: ensure => $package_ensure } + } + exec { 'rebuild-ovsmod': + command => '/usr/sbin/dpkg-reconfigure openvswitch-datapath-dkms > /tmp/reconf-log', + creates => "/lib/modules/${::kernelrelease}/updates/dkms/openvswitch_mod.ko", + require => [Package[$::vswitch::params::ovs_dkms_package_name , $kernelheaders_pkg]], + before => Package['openvswitch-switch'], + refreshonly => true, + } } + case $::operatingsystem { 'ubuntu': { $ovs_status = '/sbin/status openvswitch-switch | fgrep "start/running"' @@ -31,14 +61,7 @@ name => $::vswitch::params::ovs_service_name, hasstatus => false, # the supplied command returns true even if it's not running # Not perfect - should spot if either service is not running - but it'll do - status => $ovs_status, - } - exec { 'rebuild-ovsmod': - command => '/usr/sbin/dpkg-reconfigure openvswitch-datapath-dkms > /tmp/reconf-log', - creates => "/lib/modules/${::kernelrelease}/updates/dkms/openvswitch_mod.ko", - require => [Package['openvswitch-datapath-dkms', $kernelheaders_pkg]], - before => Package['openvswitch-switch'], - refreshonly => true, + status => $ovs_status } } 'Redhat': { diff --git a/vswitch/manifests/params.pp b/vswitch/manifests/params.pp index 71f116978..3cb5370a8 100644 --- a/vswitch/manifests/params.pp +++ b/vswitch/manifests/params.pp @@ -3,14 +3,16 @@ class vswitch::params { case $::osfamily { 'Redhat': { - $ovs_package_name = 'openvswitch' - $ovs_service_name = 'openvswitch' - $provider = 'ovs_redhat' + $ovs_package_name = 'openvswitch' + $ovs_dkms_package_name = undef + $ovs_service_name = 'openvswitch' + $provider = 'ovs_redhat' } 'Debian': { - $ovs_package_name = ['openvswitch-switch', 'openvswitch-datapath-dkms'] - $ovs_service_name = 'openvswitch-switch' - $provider = 'ovs' + $ovs_package_name = 'openvswitch-switch' + $ovs_dkms_package_name = 'openvswitch-datapath-dkms' + $ovs_service_name = 'openvswitch-switch' + $provider = 'ovs' } default: { fail " Osfamily ${::osfamily} not supported yet" diff --git a/vswitch/spec/classes/vswitch_ovs_spec.rb b/vswitch/spec/classes/vswitch_ovs_spec.rb index c3b0d2928..7a235af64 100644 --- a/vswitch/spec/classes/vswitch_ovs_spec.rb +++ b/vswitch/spec/classes/vswitch_ovs_spec.rb @@ -2,26 +2,176 @@ describe 'vswitch::ovs' do + let :default_params do { + :package_ensure => 'present', + :dkms_ensure => true, + } + end + + let :redhat_platform_params do { + :ovs_package_name => 'openvswitch', + :ovs_service_name => 'openvswitch', + :provider => 'ovs_redhat', + } + end + + let :debian_platform_params do { + :ovs_package_name => 'openvswitch-switch', + :ovs_dkms_package_name => 'openvswitch-datapath-dkms', + :ovs_service_name => 'openvswitch-switch', + :provider => 'ovs', + :service_hasstatus => false, + :service_status => '/etc/init.d/openvswitch-switch status | fgrep "is running"', + } + end + + let :ubuntu_platform_params do { + :ovs_package_name => 'openvswitch-switch', + :ovs_dkms_package_name => 'openvswitch-datapath-dkms', + :ovs_service_name => 'openvswitch-switch', + :provider => 'ovs', + :service_hasstatus => false, + :service_status => '/sbin/status openvswitch-switch | fgrep "start/running"', + } + end + + shared_examples_for 'vswitch ovs' do + + it 'contains params' do + is_expected.to contain_class('vswitch::params') + end + + it 'configures service' do + is_expected.to contain_service('openvswitch').with( + :ensure => true, + :enable => true, + :name => platform_params[:ovs_service_name], + :hasstatus => platform_params[:service_hasstatus], + :status => platform_params[:service_status], + ) + end + + it 'install package' do + is_expected.to contain_package(platform_params[:ovs_package_name]).with( + :name => platform_params[:ovs_package_name], + :ensure => params[:package_ensure], + :before => 'Service[openvswitch]' + ) + end + end + + shared_examples_for 'do not install dkms' do + it 'does not rebuild kernel module' do + is_expected.to_not contain_exec('rebuild-ovsmod') + end + end + + shared_examples_for 'install dkms' do + it 'install kernel module' do + is_expected.to contain_package(platform_params[:ovs_dkms_package_name]).with( + :name => platform_params[:ovs_dkms_package_name], + :ensure => params[:package_ensure], + ) + end + it 'rebuilds kernel module' do + is_expected.to contain_exec('rebuild-ovsmod').with( + :command => '/usr/sbin/dpkg-reconfigure openvswitch-datapath-dkms > /tmp/reconf-log', + :refreshonly => true, + ) + end + end + context 'on redhat with default parameters' do + let :params do default_params end let :facts do {:osfamily => 'Redhat'} end - it 'should contain the correct package and service' do + let :platform_params do redhat_platform_params end - is_expected.to contain_service('openvswitch').with( - :ensure => true, - :enable => true, - :name => 'openvswitch' - ) + it_configures 'vswitch ovs' + it_configures 'do not install dkms' + end - is_expected.to contain_package('openvswitch').with( - :name => 'openvswitch', - :ensure => 'present', - :before => 'Service[openvswitch]' - ) + context 'on redhat with parameters' do + let :params do { + :package_ensure => 'latest', + :dkms_ensure => false, + } + end + let :facts do + {:osfamily => 'Redhat'} + end + let :platform_params do redhat_platform_params end + + it_configures 'vswitch ovs' + it_configures 'do not install dkms' + end + + context 'on Debian with default parameters' do + let :params do default_params end + + let :facts do + {:osfamily => 'Debian', + :operatingsystem => 'Debian', + } + end + let :platform_params do debian_platform_params end + + it_configures 'vswitch ovs' + it_configures 'install dkms' + end + + context 'on Debian with parameters' do + let :params do { + :package_ensure => 'latest', + :dkms_ensure => false, + } + end + + let :facts do + {:osfamily => 'Debian', + :operatingsystem => 'Debian', + } end + let :platform_params do debian_platform_params end + + it_configures 'vswitch ovs' + it_configures 'do not install dkms' + end + + context 'on Ubuntu with default parameters' do + let :params do default_params end + + let :facts do + {:osfamily => 'Debian', + :operatingsystem => 'ubuntu', + } + end + let :platform_params do ubuntu_platform_params end + + it_configures 'vswitch ovs' + it_configures 'install dkms' end + + context 'on Ubuntu with parameters' do + let :params do { + :package_ensure => 'latest', + :dkms_ensure => false, + } + end + + let :facts do + {:osfamily => 'Debian', + :operatingsystem => 'ubuntu', + } + end + let :platform_params do ubuntu_platform_params end + + it_configures 'vswitch ovs' + it_configures 'do not install dkms' + end + end diff --git a/vswitch/spec/spec_helper.rb b/vswitch/spec/spec_helper.rb index 2c6f56649..e17ce17d6 100644 --- a/vswitch/spec/spec_helper.rb +++ b/vswitch/spec/spec_helper.rb @@ -1 +1,5 @@ require 'puppetlabs_spec_helper/module_spec_helper' + +RSpec.configure do |c| + c.alias_it_should_behave_like_to :it_configures, 'configures' +end diff --git a/xinetd/manifests/params.pp b/xinetd/manifests/params.pp index 8c226779f..44f368d45 100644 --- a/xinetd/manifests/params.pp +++ b/xinetd/manifests/params.pp @@ -1,3 +1,5 @@ +# == Class: xinetd::params +# class xinetd::params { $default_user = 'root' $default_group = 'root'