diff --git a/Puppetfile b/Puppetfile index bde7fa2dc..17a11a09d 100644 --- a/Puppetfile +++ b/Puppetfile @@ -119,7 +119,7 @@ mod 'nssdb', :git => 'https://github.com/rcritten/puppet-nssdb.git' mod 'ntp', - :commit => '8f697e32bc279b36ada752273e6c788716b95315', + :commit => 'c1eef64924a51a5fb7281a4ccd0f098f0effd270', :git => 'https://github.com/puppetlabs/puppetlabs-ntp' mod 'openstack_extras', diff --git a/ntp/.gitignore b/ntp/.gitignore index b5b7a00d6..b5db85e05 100644 --- a/ntp/.gitignore +++ b/ntp/.gitignore @@ -5,3 +5,5 @@ spec/fixtures/ .vagrant/ .bundle/ coverage/ +.idea/ +*.iml diff --git a/ntp/.travis.yml b/ntp/.travis.yml index a40ae502e..6cf8b0044 100644 --- a/ntp/.travis.yml +++ b/ntp/.travis.yml @@ -1,6 +1,6 @@ --- language: ruby -bundler_args: --without development +bundler_args: --without system_tests script: "bundle exec rake validate && bundle exec rake lint && bundle exec rake spec SPEC_OPTS='--format documentation'" matrix: fast_finish: true diff --git a/ntp/CHANGELOG.md b/ntp/CHANGELOG.md index a0e0d6b09..45db969d1 100644 --- a/ntp/CHANGELOG.md +++ b/ntp/CHANGELOG.md @@ -1,3 +1,35 @@ +## 2015-xx-xx - Supported Release 4.0.0 +### Summary +This release drops puppet 2.7 support and older stdlib support. + +#### Backwards-incompatible changes +- UDLC (Undisciplined local clock) is now no longer enabled by default on anything (previous was enabled on non-virtual). +- Puppet 2.7 no longer supported +- puppetlabs-stdlib less than 4.5.0 no longer supported +- TODO: The `keys_file` parent directory is no longer managed by puppet + +#### Features +- TODO + +#### Bugfixes +- TODO + +##2014-11-04 - Supported Release 3.3.0 +###Summary + +This release adds support for SLES 12. + +####Features +- Added support for SLES 12 + +##2014-10-02 - Supported Release 3.2.1 +###Summary + +This is a bug-fix release addressing the security concerns of setting /etc/ntp to mode 0755 recursively. + +####Bugfixes +- Do not recursively set ownership/mode of /etc/ntp + ##2014-09-10 - Supported Release 3.2.0 ###Summary diff --git a/ntp/CONTRIBUTING.md b/ntp/CONTRIBUTING.md index e1288478a..f1cbde4bb 100644 --- a/ntp/CONTRIBUTING.md +++ b/ntp/CONTRIBUTING.md @@ -41,11 +41,9 @@ Checklist (and a short version for the impatient) * Pre-requisites: - - Sign the [Contributor License Agreement](https://cla.puppetlabs.com/) - - Make sure you have a [GitHub account](https://github.com/join) - - [Create a ticket](http://projects.puppetlabs.com/projects/modules/issues/new), or [watch the ticket](http://projects.puppetlabs.com/projects/modules/issues) you are patching for. + - [Create a ticket](https://tickets.puppetlabs.com/secure/CreateIssue!default.jspa), or [watch the ticket](https://tickets.puppetlabs.com/browse/) you are patching for. * Preferred method: @@ -94,17 +92,7 @@ The long version whitespace or other "whitespace errors". You can do this by running "git diff --check" on your changes before you commit. - 2. Sign the Contributor License Agreement - - Before we can accept your changes, we do need a signed Puppet - Labs Contributor License Agreement (CLA). - - You can access the CLA via the [Contributor License Agreement link](https://cla.puppetlabs.com/) - - If you have any questions about the CLA, please feel free to - contact Puppet Labs via email at cla-submissions@puppetlabs.com. - - 3. Sending your patches + 2. Sending your patches To submit your changes via a GitHub pull request, we _highly_ recommend that you have them on a topic branch, instead of @@ -124,7 +112,7 @@ The long version in order to open a pull request. - 4. Update the related GitHub issue. + 3. Update the related GitHub issue. If there is a GitHub issue associated with the change you submitted, then you should update the ticket to include the @@ -220,14 +208,12 @@ review. Additional Resources ==================== -* [Getting additional help](http://projects.puppetlabs.com/projects/puppet/wiki/Getting_Help) +* [Getting additional help](http://puppetlabs.com/community/get-help) * [Writing tests](http://projects.puppetlabs.com/projects/puppet/wiki/Development_Writing_Tests) * [Patchwork](https://patchwork.puppetlabs.com) -* [Contributor License Agreement](https://projects.puppetlabs.com/contributor_licenses/sign) - * [General GitHub documentation](http://help.github.com/) * [GitHub pull request documentation](http://help.github.com/send-pull-requests/) diff --git a/ntp/Gemfile b/ntp/Gemfile index e960f7c4b..62c569397 100644 --- a/ntp/Gemfile +++ b/ntp/Gemfile @@ -1,15 +1,19 @@ source ENV['GEM_SOURCE'] || "https://rubygems.org" -group :development, :test do +group :development, :unit_tests do gem 'rake', :require => false - gem 'rspec-puppet', :require => false + gem 'rspec-core', '3.1.7', :require => false + gem 'rspec-puppet', '~> 1.0', :require => false gem 'puppetlabs_spec_helper', :require => false - gem 'serverspec', :require => false gem 'puppet-lint', :require => false - gem 'beaker', :require => false - gem 'beaker-rspec', :require => false - gem 'pry', :require => false gem 'simplecov', :require => false + gem 'puppet_facts', :require => false + gem 'json', :require => false +end + +group :system_tests do + gem 'beaker-rspec', :require => false + gem 'serverspec', :require => false end if facterversion = ENV['FACTER_GEM_VERSION'] diff --git a/ntp/README.markdown b/ntp/README.markdown index 630d70dd6..f7209ef9c 100644 --- a/ntp/README.markdown +++ b/ntp/README.markdown @@ -5,9 +5,6 @@ 1. [Overview](#overview) 2. [Module Description - What the module does and why it is useful](#module-description) 3. [Setup - The basics of getting started with ntp](#setup) - * [What ntp affects](#what-ntp-affects) - * [Setup requirements](#setup-requirements) - * [Beginning with ntp](#beginning-with-ntp) 4. [Usage - Configuration options and additional functionality](#usage) 5. [Reference - An under-the-hood peek at what the module is doing and how](#reference) 5. [Limitations - OS compatibility, etc.](#limitations) @@ -23,16 +20,9 @@ The ntp module handles installing, configuring, and running NTP across a range o ##Setup -###What ntp affects - -* ntp package. -* ntp configuration file. -* ntp service. - ###Beginning with ntp -`include '::ntp'` is enough to get you up and running. If you wish to pass in -parameters specifying which servers to use, then: +`include '::ntp'` is enough to get you up and running. If you wish to pass in parameters specifying which servers to use, then: ```puppet class { '::ntp': @@ -42,8 +32,7 @@ class { '::ntp': ##Usage -All interaction with the ntp module can do be done through the main ntp class. -This means you can simply toggle the options in `::ntp` to have full functionality of the module. +All interaction with the ntp module can be done through the main ntp class. This means you can simply toggle the options in `::ntp` to have full functionality of the module. ###I just want NTP, what's the minimum I need? @@ -68,9 +57,25 @@ class { '::ntp': } ``` +###I just want to install a client that can't be queried + +```puppet +class { '::ntp': + servers => ['ntp1.corp.com', 'ntp2.corp.com'], + restrict => [ + 'default ignore', + '-6 default ignore', + '127.0.0.1', + '-6 ::1', + 'ntp1.corp.com nomodify notrap nopeer noquery', + 'ntp1.corp.com nomodify notrap nopeer noquery' + ], +} +``` + ###I only want to listen on specific interfaces, not on 0.0.0.0 -Restricting this is especially useful on Openstack nodes which may have numerous virtual interfaces. +Restricting ntp to a specific interface is especially useful on Openstack nodes which may have numerous virtual interfaces. ```puppet class { '::ntp': @@ -89,6 +94,14 @@ class { '::ntp': } ``` +###I'd like to configure and run ntp, but I don't need to install it. + +```puppet +class { '::ntp': + package_manage => false, +} +``` + ###Looks great! But I'd like a different template; we need to do something unique here. ```puppet @@ -116,137 +129,150 @@ class { '::ntp': ###Parameters -The following parameters are available in the ntp module: +The following parameters are available in the `::ntp` class: ####`autoupdate` -**Deprecated:** This parameter determined whether the ntp module should be -automatically updated to the latest version available. Replaced by `package_ensure`. +**Deprecated; replaced by the `package_ensure` parameter**. Tells Puppet whether to keep the ntp module updated to the latest version available. Valid options: 'true' or 'false'. Default value: 'false' + +####`broadcastclient` + +Enable reception of broadcast server messages to any local interface. ####`config` -Sets the file that ntp configuration is written into. +Specifies a file for ntp's configuration info. Valid options: string containing an absolute path. Default value: '/etc/ntp.conf' (or '/etc/inet/ntp.conf' on Solaris) ####`config_template` -Determines which template Puppet should use for the ntp configuration. +Specifies a file to act as a template for the config file. Valid options: string containing a path (absolute, or relative to the module path). Default value: 'ntp/ntp.conf.erb' + +####`disable_auth` + +Do not require cryptographic authentication for broadcast client, multicast +client and symmetric passive associations. ####`disable_monitor` -Disables monitoring of ntp. +Tells Puppet whether to refrain from monitoring the NTP service. Valid options: 'true' or 'false'. Default value: 'false' ####`driftfile` -Sets the location of the drift file for ntp. +Specifies an NTP driftfile. Valid options: string containing an absolute path. Default value: '/var/lib/ntp/drift' (except on AIX and Solaris) + +#### `fudge` + +Used to provide additional information for individual clock drivers. Valid options: array containing strings that follow the `fudge` command. Default value: [ ] ####`iburst_enable` -Set the iburst option in the ntp configuration. If enabled the option is set for every ntp peer. +Specifies whether to enable the iburst option for every NTP peer. Valid options: 'true' or 'false'. Default value: 'false' (except on AIX and Debian) ####`interfaces` -Sets the list of interfaces NTP will listen on. This parameter must be an array. +Specifies one or more network interfaces for NTP to listen on. Valid options: array. Default value: [ ] ####`keys_controlkey` -The key to use as the control key. +Provides a control key to be used by NTP. Valid options: string. Default value: ' ' ####`keys_enable` -Whether the ntp keys functionality is enabled. +Tells Puppet whether to enable key-based authentication. Valid options: 'true' or 'false'. Default value: 'false' ####`keys_file` -Location of the keys file. +Specifies an NTP keys file. Valid options: string containing an absolute path. Default value: '/etc/ntp/keys' (except on AIX, SLES, and Solaris) ####`keys_requestkey` -Which of the keys is the request key. +Provides a request key to be used by NTP. Valid options: string. Default value: ' ' + +#### `keys_trusted`: +Provides one or more keys to be trusted by NTP. Valid options: array of keys. Default value: [ ] -#### `keys_trusted` +#### `logfile` -Array of trusted keys. +Specifies a log file for NTP to use instead of syslog. Valid options: string containing an absolute path. Default value: ' ' ####`package_ensure` -Sets the ntp package to be installed. Can be set to 'present', 'latest', or a specific version. +Tells Puppet whether the NTP package should be installed, and what version. Valid options: 'present', 'latest', or a specific version number. Default value: 'present' + +####`package_manage` + +Tells Puppet whether to manage the NTP package. Valid options: 'true' or 'false'. Default value: 'true' ####`package_name` -Determines the name of the package to install. +Tells Puppet what NTP package to manage. Valid options: string. Default value: 'ntp' (except on AIX and Solaris) ####`panic` -Determines if ntp should 'panic' in the event of a very large clock skew. -This defaults to false for virtual machines, as they don't do a great job with keeping time. +Specifies whether NTP should "panic" in the event of a very large clock skew. Valid options: 'true' or 'false'. Default value: 'true' (except on virtual machines, where major time shifts are normal) ####`preferred_servers` -List of ntp servers to prefer. Will append 'prefer' for any server in this list -that also appears in the servers list. +Specifies one or more preferred peers. Puppet will append 'prefer' to each matching item in the `servers` array. Valid options: array. Default value: [ ] ####`restrict` -Sets the restrict options in the ntp configuration. The lines are -prefixed with 'restrict', so you just need to list the rest of the restriction. +Specifies one or more `restrict` options for the NTP configuration. Puppet will prefix each item with 'restrict', so you only need to list the content of the restriction. Valid options: array. Default value for most operating systems: + +~~~~ +[ + 'default kod nomodify notrap nopeer noquery', + '-6 default kod nomodify notrap nopeer noquery', + '127.0.0.1', + '-6 ::1', +] +~~~~ + +Default value for AIX systems: + +~~~~ +[ + 'default nomodify notrap nopeer noquery', + '127.0.0.1', +] +~~~~ ####`servers` -Selects the servers to use for ntp peers. +Specifies one or more servers to be used as NTP peers. Valid options: array. Default value: varies by operating system ####`service_enable` -Determines if the service should be enabled at boot. +Tells Puppet whether to enable the NTP service at boot. Valid options: 'true' or 'false'. Default value: 'true' ####`service_ensure` -Determines if the service should be running or not. +Tells Puppet whether the NTP service should be running. Valid options: 'running' or 'stopped'. Default value: 'running' ####`service_manage` -Selects whether Puppet should manage the service. +Tells Puppet whether to manage the NTP service. Valid options: 'true' or 'false'. Default value: 'true' ####`service_name` -Selects the name of the ntp service for Puppet to manage. +Tells Puppet what NTP service to manage. Valid options: string. Default value: varies by operating system ####`udlc` -Enables configs for undisciplined local clock, regardless of -status as a virtual machine. - +Specifies whether to configure ntp to use the undisciplined local clock as a time source. Valid options: 'true' or 'false'. Default value: 'false' ##Limitations -This module has been built on and tested against Puppet 2.7 and higher. - -The module has been tested on: - -* RedHat Enterprise Linux 5/6 -* Debian 6/7 -* CentOS 5/6 -* Ubuntu 12.04 -* Gentoo -* Arch Linux -* FreeBSD -* Solaris 11 -* AIX 5.3, 6.1, 7.1 - -Testing on other platforms has been light and cannot be guaranteed. +This module has been tested on [all PE-supported platforms](https://forge.puppetlabs.com/supported#compat-matrix), and no issues have been identified. ##Development -Puppet Labs modules on the Puppet Forge are open projects, and community -contributions are essential for keeping them great. We can’t access the -huge number of platforms and myriad of hardware, software, and deployment -configurations that Puppet is intended to serve. +Puppet Labs modules on the Puppet Forge are open projects, and community contributions are essential for keeping them great. We can’t access the huge number of platforms and myriad of hardware, software, and deployment configurations that Puppet is intended to serve. -We want to keep it as easy as possible to contribute changes so that our -modules work in your environment. There are a few guidelines that we need -contributors to follow so that we can have a chance of keeping on top of things. +We want to keep it as easy as possible to contribute changes so that our modules work in your environment. There are a few guidelines that we need contributors to follow so that we can have a chance of keeping on top of things. -You can read the complete module contribution guide [on the Puppet Labs wiki.](http://projects.puppetlabs.com/projects/module-site/wiki/Module_contributing) +For more information, see our [module contribution guide.](https://docs.puppetlabs.com/forge/contributing.html) ###Contributors -The list of contributors can be found at: [https://github.com/puppetlabs/puppetlabs-ntp/graphs/contributors](https://github.com/puppetlabs/puppetlabs-ntp/graphs/contributors) +To see who's already involved, see the [list of contributors.](https://github.com/puppetlabs/puppetlabs-ntp/graphs/contributors) diff --git a/ntp/Rakefile b/ntp/Rakefile index 5868545f2..e3be95b0b 100644 --- a/ntp/Rakefile +++ b/ntp/Rakefile @@ -2,9 +2,9 @@ require 'puppetlabs_spec_helper/rake_tasks' require 'puppet-lint/tasks/puppet-lint' PuppetLint.configuration.fail_on_warnings +PuppetLint.configuration.send('relative') PuppetLint.configuration.send('disable_80chars') PuppetLint.configuration.send('disable_class_inherits_from_params_class') -PuppetLint.configuration.send('disable_class_parameter_defaults') PuppetLint.configuration.send('disable_documentation') PuppetLint.configuration.send('disable_single_quote_string_with_variables') PuppetLint.configuration.ignore_paths = ["spec/**/*.pp", "pkg/**/*.pp"] diff --git a/ntp/manifests/init.pp b/ntp/manifests/init.pp index 2cbc462fd..14adf5952 100644 --- a/ntp/manifests/init.pp +++ b/ntp/manifests/init.pp @@ -1,8 +1,11 @@ class ntp ( $autoupdate = $ntp::params::autoupdate, + $broadcastclient = $ntp::params::broadcastclient, $config = $ntp::params::config, $config_template = $ntp::params::config_template, + $disable_auth = $ntp::params::disable_auth, $disable_monitor = $ntp::params::disable_monitor, + $fudge = $ntp::params::fudge, $driftfile = $ntp::params::driftfile, $logfile = $ntp::params::logfile, $iburst_enable = $ntp::params::iburst_enable, @@ -12,6 +15,7 @@ $keys_requestkey = $ntp::params::keys_requestkey, $keys_trusted = $ntp::params::keys_trusted, $package_ensure = $ntp::params::package_ensure, + $package_manage = $ntp::params::package_manage, $package_name = $ntp::params::package_name, $panic = $ntp::params::panic, $preferred_servers = $ntp::params::preferred_servers, @@ -25,8 +29,10 @@ $udlc = $ntp::params::udlc ) inherits ntp::params { + validate_bool($broadcastclient) validate_absolute_path($config) validate_string($config_template) + validate_bool($disable_auth) validate_bool($disable_monitor) validate_absolute_path($driftfile) if $logfile { validate_absolute_path($logfile) } @@ -36,12 +42,14 @@ validate_re($keys_requestkey, ['^\d+$', '']) validate_array($keys_trusted) validate_string($package_ensure) + validate_bool($package_manage) validate_array($package_name) validate_bool($panic) validate_array($preferred_servers) validate_array($restrict) validate_array($interfaces) validate_array($servers) + validate_array($fudge) validate_bool($service_enable) validate_string($service_ensure) validate_bool($service_manage) diff --git a/ntp/manifests/install.pp b/ntp/manifests/install.pp index 237f4c1c0..49f4044bf 100644 --- a/ntp/manifests/install.pp +++ b/ntp/manifests/install.pp @@ -1,8 +1,12 @@ # class ntp::install inherits ntp { - package { $package_name: - ensure => $package_ensure, + if $package_manage { + + package { $package_name: + ensure => $package_ensure, + } + } } diff --git a/ntp/manifests/params.pp b/ntp/manifests/params.pp index a3cde9ea5..47a898001 100644 --- a/ntp/manifests/params.pp +++ b/ntp/manifests/params.pp @@ -15,10 +15,17 @@ $service_manage = true $udlc = false $interfaces = [] + $disable_auth = false + $broadcastclient = false + + # Allow a list of fudge options + $fudge = [] # On virtual machines allow large clock skews. - $panic = str2bool($::is_virtual) ? { - true => false, + # TODO Change this to str2bool($::is_virtual) when stdlib dependency is >= 4.0.0 + # NOTE The "x${var}" is just to avoid lint quoted variable warning. + $panic = "x${::is_virtual}" ? { + 'xtrue' => false, default => true, } @@ -28,6 +35,11 @@ $default_package_name = ['ntp'] $default_service_name = 'ntpd' + $package_manage = $::osfamily ? { + 'FreeBSD' => false, + default => true, + } + case $::osfamily { 'AIX': { $config = $default_config @@ -53,10 +65,10 @@ $driftfile = $default_driftfile $package_name = $default_package_name $restrict = [ - 'default kod nomodify notrap nopeer noquery', + '-4 kod nomodify notrap nopeer noquery', '-6 default kod nomodify notrap nopeer noquery', '127.0.0.1', - '-6 ::1', + '::1', ] $service_name = 'ntp' $iburst_enable = true @@ -87,8 +99,15 @@ ] } 'Suse': { + if $::operatingsystem == 'SLES' and $::operatingsystemmajrelease == '12' + { + $service_name = 'ntpd' + $keys_file = '/etc/ntp.keys' + } else{ + $service_name = 'ntp' + $keys_file = $default_keys_file + } $config = $default_config - $keys_file = $default_keys_file $driftfile = '/var/lib/ntp/drift/ntp.drift' $package_name = $default_package_name $restrict = [ @@ -97,7 +116,6 @@ '127.0.0.1', '-6 ::1', ] - $service_name = 'ntp' $iburst_enable = false $servers = [ '0.opensuse.pool.ntp.org', @@ -168,7 +186,7 @@ '3.pool.ntp.org', ] } - # Gentoo was added as its own $::osfamily in Facter 1.7.0 + # Gentoo was added as its own $::osfamily in Facter 1.7.0 'Gentoo': { $config = $default_config $keys_file = $default_keys_file @@ -190,8 +208,8 @@ ] } 'Linux': { - # Account for distributions that don't have $::osfamily specific settings. - # Before Facter 1.7.0 Gentoo did not have its own $::osfamily + # Account for distributions that don't have $::osfamily specific settings. + # Before Facter 1.7.0 Gentoo did not have its own $::osfamily case $::operatingsystem { 'Gentoo': { $config = $default_config diff --git a/ntp/metadata.json b/ntp/metadata.json index 48fdafde2..962d11e4a 100644 --- a/ntp/metadata.json +++ b/ntp/metadata.json @@ -1,8 +1,8 @@ { "name": "puppetlabs-ntp", - "version": "3.2.0", + "version": "3.3.0", "author": "Puppet Labs", - "summary": "NTP Module", + "summary": "Installs, configures, and manages the NTP service.", "license": "Apache Version 2.0", "source": "https://github.com/puppetlabs/puppetlabs-ntp", "project_page": "https://github.com/puppetlabs/puppetlabs-ntp", @@ -20,27 +20,32 @@ "operatingsystem": "CentOS", "operatingsystemrelease": [ "5", - "6" + "6", + "7" ] }, { "operatingsystem": "OracleLinux", "operatingsystemrelease": [ "5", - "6" + "6", + "7" ] }, { "operatingsystem": "Scientific", "operatingsystemrelease": [ "5", - "6" + "6", + "7" ] }, { "operatingsystem": "SLES", "operatingsystemrelease": [ - "11 SP1" + "10 SP4", + "11 SP1", + "12" ] }, { @@ -76,7 +81,7 @@ "requirements": [ { "name": "pe", - "version_requirement": "3.x" + "version_requirement": ">= 3.7.0 < 4.0.0" }, { "name": "puppet", @@ -85,6 +90,6 @@ ], "description": "NTP Module for Debian, Ubuntu, CentOS, RHEL, OEL, Fedora, FreeBSD, ArchLinux and Gentoo.", "dependencies": [ - {"name":"puppetlabs/stdlib","version_requirement":">= 3.2.0 < 5.0.0"} + {"name":"puppetlabs/stdlib","version_requirement":">= 4.5.0 < 5.0.0"} ] } diff --git a/ntp/spec/acceptance/nodesets/sles-12-64.yml b/ntp/spec/acceptance/nodesets/sles-12-64.yml new file mode 100644 index 000000000..00c147a8f --- /dev/null +++ b/ntp/spec/acceptance/nodesets/sles-12-64.yml @@ -0,0 +1,20 @@ +--- +HOSTS: + czriitzephrrlzw: + roles: + - master + - database + - dashboard + - agent + - default + platform: sles-12-x86_64 + template: sles-12-x86_64 + hypervisor: vcloud +CONFIG: + nfs_server: none + consoleport: 443 + datastore: instance0 + folder: Delivery/Quality Assurance/Enterprise/Dynamic + resourcepool: delivery/Quality Assurance/Enterprise/Dynamic + pooling_api: http://vcloud.delivery.puppetlabs.net/ + pe_dir: http://enterprise.delivery.puppetlabs.net/3.4/preview diff --git a/ntp/spec/acceptance/ntp_install_spec.rb b/ntp/spec/acceptance/ntp_install_spec.rb index 1c81fb005..29aac2246 100644 --- a/ntp/spec/acceptance/ntp_install_spec.rb +++ b/ntp/spec/acceptance/ntp_install_spec.rb @@ -22,7 +22,11 @@ packagename = 'service/network/ntp' end else - packagename = 'ntp' + if fact('operatingsystem') == 'SLES' and fact('operatingsystemmajrelease') == '12' + servicename = 'ntpd' + else + servicename = 'ntp' + end end describe 'ntp::install class', :unless => UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do diff --git a/ntp/spec/acceptance/ntp_parameters_spec.rb b/ntp/spec/acceptance/ntp_parameters_spec.rb index 675cf81e4..e4c230d7e 100644 --- a/ntp/spec/acceptance/ntp_parameters_spec.rb +++ b/ntp/spec/acceptance/ntp_parameters_spec.rb @@ -22,7 +22,11 @@ packagename = 'service/network/ntp' end else - packagename = 'ntp' + if fact('operatingsystem') == 'SLES' and fact('operatingsystemmajrelease') == '12' + servicename = 'ntpd' + else + servicename = 'ntp' + end end if (fact('osfamily') == 'Solaris') diff --git a/ntp/spec/acceptance/ntp_service_spec.rb b/ntp/spec/acceptance/ntp_service_spec.rb index 83c279758..73edd656d 100644 --- a/ntp/spec/acceptance/ntp_service_spec.rb +++ b/ntp/spec/acceptance/ntp_service_spec.rb @@ -1,16 +1,35 @@ require 'spec_helper_acceptance' +require 'specinfra' case fact('osfamily') -when 'RedHat', 'FreeBSD', 'Linux', 'Gentoo' - servicename = 'ntpd' -when 'Solaris' - servicename = 'network/ntp' -when 'AIX' - servicename = 'xntpd' -else - servicename = 'ntp' + when 'RedHat', 'FreeBSD', 'Linux', 'Gentoo' + servicename = 'ntpd' + when 'Solaris' + servicename = 'network/ntp' + when 'AIX' + servicename = 'xntpd' + else + if fact('operatingsystem') == 'SLES' and fact('operatingsystemmajrelease') == '12' + servicename = 'ntpd' + else + servicename = 'ntp' + end +end +shared_examples 'running' do + describe service(servicename) do + if !(fact('operatingsystem') == 'SLES' && fact('operatingsystemmajrelease') == '12') + it { should be_running } + it { should be_enabled } + else + # hack until we either update SpecInfra or come up with alternative + it { + output = shell('service ntpd status') + expect(output.stdout).to match(/Active\:\s+active\s+\(running\)/) + expect(output.stdout).to match(/^\s+Loaded.*enabled\)$/) + } + end + end end - describe 'ntp::service class', :unless => UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do describe 'basic test' do it 'sets up the service' do @@ -19,10 +38,7 @@ class { 'ntp': } }, :catch_failures => true) end - describe service(servicename) do - it { should be_enabled } - it { should be_running } - end + it_should_behave_like 'running' end describe 'service parameters' do @@ -37,29 +53,37 @@ class { 'ntp': EOS apply_manifest(pp, :catch_failures => true) end - - describe service(servicename) do - it { should be_running } - it { should be_enabled } - end + it_should_behave_like 'running' end +end - describe 'service is unmanaged' do - it 'shouldnt stop the service' do - pp = <<-EOS +describe 'service is unmanaged' do + it 'shouldnt stop the service' do + pp = <<-EOS class { 'ntp': service_enable => false, service_ensure => stopped, service_manage => false, service_name => '#{servicename}' } - EOS - apply_manifest(pp, :catch_failures => true) - end + EOS + apply_manifest(pp, :catch_failures => true) + end - describe service(servicename) do + describe service(servicename) do + if !(fact('operatingsystem') == 'SLES' && fact('operatingsystemmajrelease') == '12') it { should be_running } it { should be_enabled } + else + # hack until we either update SpecInfra or come up with alternative + output = shell('service ntpd status', :acceptable_exit_codes => [0, 3]) + it 'should be disabled' do + expect(output.stdout).to match(/^\s+Loaded.*disabled\)$/) + end + it 'should be stopped' do + expect(output.stdout).to match(/Active\:\s+inactive/) + end end end end + diff --git a/ntp/spec/classes/ntp_spec.rb b/ntp/spec/classes/ntp_spec.rb index 809bc12f5..4864e8883 100644 --- a/ntp/spec/classes/ntp_spec.rb +++ b/ntp/spec/classes/ntp_spec.rb @@ -9,6 +9,10 @@ let :facts do super().merge({ :osfamily => 'Linux', :operatingsystem => 'Gentoo' }) end + elsif system == 'Suse' + let :facts do + super().merge({ :osfamily => system,:operatingsystem => 'SLES',:operatingsystemmajrelease => '11' }) + end else let :facts do super().merge({ :osfamily => system }) @@ -122,23 +126,76 @@ } end end + describe 'with parameter disable_auth' do + context 'when set to true' do + let(:params) {{ + :disable_auth => true, + }} + + it 'should contain disable auth setting' do + should contain_file('/etc/ntp.conf').with({ + 'content' => /^disable auth\n/, + }) + end + end + context 'when set to false' do + let(:params) {{ + :disable_auth => false, + }} + + it 'should not contain disable auth setting' do + should_not contain_file('/etc/ntp.conf').with({ + 'content' => /^disable auth\n/, + }) + end + end + end + describe 'with parameter broadcastclient' do + context 'when set to true' do + let(:params) {{ + :broadcastclient => true, + }} + + it 'should contain broadcastclient setting' do + should contain_file('/etc/ntp.conf').with({ + 'content' => /^broadcastclient\n/, + }) + end + end + context 'when set to false' do + let(:params) {{ + :broadcastclient => false, + }} + + it 'should not contain broadcastclient setting' do + should_not contain_file('/etc/ntp.conf').with({ + 'content' => /^broadcastclient\n/, + }) + end + end + end describe "ntp::install on #{system}" do - let(:params) {{ :package_ensure => 'present', :package_name => ['ntp'], }} + let(:params) {{ :package_ensure => 'present', :package_name => ['ntp'], :package_manage => true, }} it { should contain_package('ntp').with( :ensure => 'present' )} describe 'should allow package ensure to be overridden' do - let(:params) {{ :package_ensure => 'latest', :package_name => ['ntp'] }} + let(:params) {{ :package_ensure => 'latest', :package_name => ['ntp'], :package_manage => true, }} it { should contain_package('ntp').with_ensure('latest') } end describe 'should allow the package name to be overridden' do - let(:params) {{ :package_ensure => 'present', :package_name => ['hambaby'] }} + let(:params) {{ :package_ensure => 'present', :package_name => ['hambaby'], :package_manage => true, }} it { should contain_package('hambaby') } end + + describe 'should allow the package to be unmanaged' do + let(:params) {{ :package_manage => false, :package_name => ['ntp'], }} + it { should_not contain_package('ntp') } + end end describe 'ntp::service' do @@ -214,22 +271,22 @@ :servers => ['a', 'b', 'c', 'd'], :logfile => '/var/log/foobar.log', }} - + it 'should contain logfile setting' do should contain_file('/etc/ntp.conf').with({ - 'content' => /^logfile = \/var\/log\/foobar\.log\n/, + 'content' => /^logfile \/var\/log\/foobar\.log\n/, }) end end - + context 'when set to false' do let(:params) {{ :servers => ['a', 'b', 'c', 'd'], }} - + it 'should not contain a logfile line' do should_not contain_file('/etc/ntp.conf').with({ - 'content' => /logfile =/, + 'content' => /logfile /, }) end end @@ -289,13 +346,13 @@ describe "on osfamily Suse" do let :facts do - super().merge({ :osfamily => 'Suse' }) + super().merge({ :osfamily => 'Suse', :operatingsystem => 'SLES',:operatingsystemmajrelease => '11' }) end it 'uses the opensuse ntp servers by default' do should contain_file('/etc/ntp.conf').with({ 'content' => /server \d.opensuse.pool.ntp.org/, - }) + }) end end diff --git a/ntp/spec/spec_helper_acceptance.rb b/ntp/spec/spec_helper_acceptance.rb index 07c47c601..1a4bea19a 100644 --- a/ntp/spec/spec_helper_acceptance.rb +++ b/ntp/spec/spec_helper_acceptance.rb @@ -1,20 +1,29 @@ require 'beaker-rspec' -UNSUPPORTED_PLATFORMS = [ 'windows', 'Darwin' ] +UNSUPPORTED_PLATFORMS = ['windows', 'Darwin'] unless ENV['RS_PROVISION'] == 'no' or ENV['BEAKER_provision'] == 'no' # This will install the latest available package on el and deb based # systems fail on windows and osx, and install via gem on other *nixes - foss_opts = { :default_action => 'gem_install' } + foss_opts = {:default_action => 'gem_install'} - if default.is_pe?; then install_pe; else install_puppet( foss_opts ); end + if default.is_pe?; then + install_pe; + else + install_puppet(foss_opts); + end hosts.each do |host| unless host.is_pe? on host, "/bin/echo '' > #{host['hieraconf']}" end on host, "mkdir -p #{host['distmoduledir']}" - on host, puppet('module install puppetlabs-stdlib'), { :acceptable_exit_codes => [0,1] } + if host['platform'] =~ /sles-12/i || host['platform'] =~ /solaris-11/i + apply_manifest_on(host, 'package{"git":}') + on host, 'git clone -b 4.3.x https://github.com/puppetlabs/puppetlabs-stdlib /etc/puppetlabs/puppet/modules/stdlib' + else + on host, puppet('module install puppetlabs-stdlib'), {:acceptable_exit_codes => [0, 1]} + end end end diff --git a/ntp/templates/ntp.conf.erb b/ntp/templates/ntp.conf.erb index 99f43d7e0..2393087f1 100644 --- a/ntp/templates/ntp.conf.erb +++ b/ntp/templates/ntp.conf.erb @@ -9,6 +9,9 @@ tinker panic 0 <% if @disable_monitor == true -%> disable monitor <% end -%> +<% if @disable_auth == true -%> +disable auth +<% end -%> <% if @restrict != [] -%> # Permit time synchronization with our time source, but do not @@ -27,15 +30,19 @@ interface listen <%= interface %> <% end -%> <% end -%> +<% if @broadcastclient == true -%> +broadcastclient +<% end -%> + <% [@servers].flatten.each do |server| -%> server <%= server %><% if @iburst_enable == true -%> iburst<% end %><% if @preferred_servers.include?(server) -%> prefer<% end %> <% end -%> -<% if scope.lookupvar('::is_virtual') == "false" or @udlc -%> +<% if @udlc -%> # Undisciplined Local Clock. This is a fake driver intended for backup -# and when no outside source of synchronized time is available. -server 127.127.1.0 -fudge 127.127.1.0 stratum 10 +# and when no outside source of synchronized time is available. +server 127.127.1.0 +fudge 127.127.1.0 stratum 10 restrict 127.127.1.0 <% end -%> @@ -44,7 +51,7 @@ driftfile <%= @driftfile %> <% unless @logfile.nil? -%> # Logfile -logfile = <%= @logfile %> +logfile <%= @logfile %> <% end -%> <% if @keys_enable -%> @@ -60,3 +67,6 @@ controlkey <%= @keys_controlkey %> <% end -%> <% end -%> +<% [@fudge].flatten.each do |entry| -%> +fudge <%= entry %> +<% end -%>