From 3ea8f28bca09d24026ba15c3fba8bb2f90ac3959 Mon Sep 17 00:00:00 2001 From: Steven Pritchard Date: Fri, 13 Dec 2024 17:34:44 -0600 Subject: [PATCH 1/2] Clean up for rubocop --- .github/workflows/pr_tests.yml | 11 +- .rubocop.yml | 699 ++++++++++++++++++ Gemfile | 11 +- lib/facter/puppet_ruby_dir.rb | 2 +- lib/facter/puppet_service_enabled.rb | 8 +- lib/facter/puppet_service_started.rb | 8 +- lib/facter/puppetserver_jruby.rb | 2 +- lib/facter/simp_pupmod_serverversion.rb | 10 +- .../suites/default/01_puppet_server_spec.rb | 58 +- .../suites/default/50_generate_types_spec.rb | 30 +- .../default/60_disable_generate_types.rb | 18 +- spec/acceptance/suites/default/lib/util.rb | 8 +- spec/classes/00_classes/agent/cron_spec.rb | 93 ++- spec/classes/00_classes/facter/conf_spec.rb | 98 ++- spec/classes/10_classes/master/base_spec.rb | 114 +-- .../10_classes/master/generate_types_spec.rb | 82 +- .../classes/10_classes/master/reports_spec.rb | 9 +- .../10_classes/master/simp_auth_spec.rb | 36 +- .../10_classes/master/sysconfig_spec.rb | 281 +++---- spec/classes/20_classes/init_spec.rb | 245 +++--- spec/classes/20_classes/init_test_spec.rb | 17 +- spec/classes/20_classes/master_spec.rb | 498 +++++++------ spec/defines/conf_spec.rb | 20 +- spec/defines/master/autosign_spec.rb | 4 +- spec/defines/master/fileserver_entry_spec.rb | 40 +- spec/defines/pass_two_spec.rb | 276 +++---- spec/functions/max_active_instances_spec.rb | 231 +++--- spec/spec_helper.rb | 15 +- spec/spec_helper_acceptance.rb | 39 +- .../compliance_engine_enforce_spec.rb | 95 ++- spec/unit/facter/puppet_service_spec.rb | 20 +- spec/unit/facter/puppetserver_jruby.rb | 16 +- 32 files changed, 2003 insertions(+), 1091 deletions(-) create mode 100644 .rubocop.yml diff --git a/.github/workflows/pr_tests.yml b/.github/workflows/pr_tests.yml index 21ca28c1..bcc5fb01 100644 --- a/.github/workflows/pr_tests.yml +++ b/.github/workflows/pr_tests.yml @@ -35,7 +35,7 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@v3 - - name: "Install Ruby ${{matrix.puppet.ruby_version}}" + - name: "Install Ruby 2.7" uses: ruby/setup-ruby@v1 # ruby/setup-ruby@ec106b438a1ff6ff109590de34ddc62c540232e0 with: ruby-version: 2.7 @@ -47,7 +47,7 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@v3 - - name: "Install Ruby ${{matrix.puppet.ruby_version}}" + - name: "Install Ruby 2.7" uses: ruby/setup-ruby@v1 with: ruby-version: 2.7 @@ -56,13 +56,12 @@ jobs: - run: "bundle exec rake metadata_lint" ruby-style: - if: false # TODO Modules will need: rubocop in Gemfile, .rubocop.yml - name: 'Ruby Style (experimental)' + name: 'Ruby Style' runs-on: ubuntu-latest continue-on-error: true steps: - uses: actions/checkout@v3 - - name: "Install Ruby ${{matrix.puppet.ruby_version}}" + - name: "Install Ruby 2.7" uses: ruby/setup-ruby@v1 with: ruby-version: 2.7 @@ -89,7 +88,7 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@v3 - - name: 'Install Ruby ${{matrix.puppet.ruby_version}}' + - name: 'Install Ruby 2.7' uses: ruby/setup-ruby@v1 with: ruby-version: 2.7 diff --git a/.rubocop.yml b/.rubocop.yml new file mode 100644 index 00000000..65c8c0ab --- /dev/null +++ b/.rubocop.yml @@ -0,0 +1,699 @@ +--- +require: + - rubocop-performance + - rubocop-rake + - rubocop-rspec +AllCops: + NewCops: enable + DisplayCopNames: true + TargetRubyVersion: "2.7" + Include: + - "**/*.rb" + Exclude: + - bin/* + - ".vendor/**/*" + - pkg/**/* + - spec/fixtures/**/* + - vendor/**/* + - "**/Puppetfile" + - "**/Vagrantfile" + - "**/Guardfile" +Layout/LineLength: + Description: People have wide screens, use them. + Max: 200 +RSpec/BeforeAfterAll: + Description: + Beware of using after(:all) as it may cause state to leak between tests. + A necessary evil in acceptance testing. + Exclude: + - spec/acceptance/**/*.rb +RSpec/HookArgument: + Description: Prefer explicit :each argument, matching existing module's style + EnforcedStyle: each +RSpec/DescribeSymbol: + Exclude: + - spec/unit/facter/**/*.rb +Style/BlockDelimiters: + Description: + Prefer braces for chaining. Mostly an aesthetical choice. Better to + be consistent then. + EnforcedStyle: braces_for_chaining +Style/ClassAndModuleChildren: + Description: Compact style reduces the required amount of indentation. + EnforcedStyle: compact +Style/EmptyElse: + Description: Enforce against empty else clauses, but allow `nil` for clarity. + EnforcedStyle: empty +Style/FormatString: + Description: Following the main puppet project's style, prefer the % format format. + EnforcedStyle: percent +Style/FormatStringToken: + Description: + Following the main puppet project's style, prefer the simpler template + tokens over annotated ones. + EnforcedStyle: template +Style/Lambda: + Description: Prefer the keyword for easier discoverability. + EnforcedStyle: literal +Style/RegexpLiteral: + Description: Community preference. See https://github.com/voxpupuli/modulesync_config/issues/168 + EnforcedStyle: percent_r +Style/TernaryParentheses: + Description: + Checks for use of parentheses around ternary conditions. Enforce parentheses + on complex expressions for better readability, but seriously consider breaking + it up. + EnforcedStyle: require_parentheses_when_complex +Style/TrailingCommaInArguments: + Description: + Prefer always trailing comma on multiline argument lists. This makes + diffs, and re-ordering nicer. + EnforcedStyleForMultiline: comma +Style/TrailingCommaInArrayLiteral: + Description: + Prefer always trailing comma on multiline literals. This makes diffs, + and re-ordering nicer. + EnforcedStyleForMultiline: comma +Style/SymbolArray: + Description: Using percent style obscures symbolic intent of array's contents. + EnforcedStyle: brackets +RSpec/MessageSpies: + EnforcedStyle: receive +Style/Documentation: + Exclude: + - lib/puppet/parser/functions/**/* + - spec/**/* +Style/WordArray: + EnforcedStyle: brackets +Performance/AncestorsInclude: + Enabled: true +Performance/BigDecimalWithNumericArgument: + Enabled: true +Performance/BlockGivenWithExplicitBlock: + Enabled: true +Performance/CaseWhenSplat: + Enabled: true +Performance/ConstantRegexp: + Enabled: true +Performance/MethodObjectAsBlock: + Enabled: true +Performance/RedundantSortBlock: + Enabled: true +Performance/RedundantStringChars: + Enabled: true +Performance/ReverseFirst: + Enabled: true +Performance/SortReverse: + Enabled: true +Performance/Squeeze: + Enabled: true +Performance/StringInclude: + Enabled: true +Performance/Sum: + Enabled: true +Style/CollectionMethods: + Enabled: true +Style/MethodCalledOnDoEndBlock: + Enabled: true +Style/StringMethods: + Enabled: true +Bundler/GemFilename: + Enabled: false +Bundler/InsecureProtocolSource: + Enabled: false +Gemspec/DuplicatedAssignment: + Enabled: false +Gemspec/OrderedDependencies: + Enabled: false +Gemspec/RequiredRubyVersion: + Enabled: false +Gemspec/RubyVersionGlobalsUsage: + Enabled: false +Layout/ArgumentAlignment: + Enabled: false +Layout/BeginEndAlignment: + Enabled: false +Layout/ClosingHeredocIndentation: + Enabled: false +Layout/EmptyComment: + Enabled: false +Layout/EmptyLineAfterGuardClause: + Enabled: false +Layout/EmptyLinesAroundArguments: + Enabled: false +Layout/EmptyLinesAroundAttributeAccessor: + Enabled: false +Layout/EndOfLine: + Enabled: false +Layout/FirstArgumentIndentation: + Enabled: false +Layout/HashAlignment: + Enabled: false +Layout/HeredocIndentation: + Enabled: false +Layout/LeadingEmptyLines: + Enabled: false +Layout/SpaceAroundMethodCallOperator: + Enabled: false +Layout/SpaceInsideArrayLiteralBrackets: + Enabled: false +Layout/SpaceInsideReferenceBrackets: + Enabled: false +Lint/BigDecimalNew: + Enabled: false +Lint/BooleanSymbol: + Enabled: false +Lint/ConstantDefinitionInBlock: + Enabled: false +Lint/DeprecatedOpenSSLConstant: + Enabled: false +Lint/DisjunctiveAssignmentInConstructor: + Enabled: false +Lint/DuplicateElsifCondition: + Enabled: false +Lint/DuplicateRequire: + Enabled: false +Lint/DuplicateRescueException: + Enabled: false +Lint/EmptyConditionalBody: + Enabled: false +Lint/EmptyFile: + Enabled: false +Lint/ErbNewArguments: + Enabled: false +Lint/FloatComparison: + Enabled: false +Lint/HashCompareByIdentity: + Enabled: false +Lint/IdentityComparison: + Enabled: false +Lint/InterpolationCheck: + Enabled: false +Lint/MissingCopEnableDirective: + Enabled: false +Lint/MixedRegexpCaptureTypes: + Enabled: false +Lint/NestedPercentLiteral: + Enabled: false +Lint/NonDeterministicRequireOrder: + Enabled: false +Lint/OrderedMagicComments: + Enabled: false +Lint/OutOfRangeRegexpRef: + Enabled: false +Lint/RaiseException: + Enabled: false +Lint/RedundantCopEnableDirective: + Enabled: false +Lint/RedundantRequireStatement: + Enabled: false +Lint/RedundantSafeNavigation: + Enabled: false +Lint/RedundantWithIndex: + Enabled: false +Lint/RedundantWithObject: + Enabled: false +Lint/RegexpAsCondition: + Enabled: false +Lint/ReturnInVoidContext: + Enabled: false +Lint/SafeNavigationConsistency: + Enabled: false +Lint/SafeNavigationWithEmpty: + Enabled: false +Lint/SelfAssignment: + Enabled: false +Lint/SendWithMixinArgument: + Enabled: false +Lint/ShadowedArgument: + Enabled: false +Lint/StructNewOverride: + Enabled: false +Lint/ToJSON: + Enabled: false +Lint/TopLevelReturnWithArgument: + Enabled: false +Lint/TrailingCommaInAttributeDeclaration: + Enabled: false +Lint/UnreachableLoop: + Enabled: false +Lint/UriEscapeUnescape: + Enabled: false +Lint/UriRegexp: + Enabled: false +Lint/UselessMethodDefinition: + Enabled: false +Lint/UselessTimes: + Enabled: false +Metrics/AbcSize: + Enabled: false +Metrics/BlockLength: + Enabled: false +Metrics/BlockNesting: + Enabled: false +Metrics/ClassLength: + Enabled: false +Metrics/CyclomaticComplexity: + Enabled: false +Metrics/MethodLength: + Enabled: false +Metrics/ModuleLength: + Enabled: false +Metrics/ParameterLists: + Enabled: false +Metrics/PerceivedComplexity: + Enabled: false +Migration/DepartmentName: + Enabled: false +Naming/AccessorMethodName: + Enabled: false +Naming/BlockParameterName: + Enabled: false +Naming/HeredocDelimiterCase: + Enabled: false +Naming/HeredocDelimiterNaming: + Enabled: false +Naming/MemoizedInstanceVariableName: + Enabled: false +Naming/MethodParameterName: + Enabled: false +Naming/RescuedExceptionsVariableName: + Enabled: false +Naming/VariableNumber: + Enabled: false +Performance/BindCall: + Enabled: false +Performance/DeletePrefix: + Enabled: false +Performance/DeleteSuffix: + Enabled: false +Performance/InefficientHashSearch: + Enabled: false +Performance/UnfreezeString: + Enabled: false +Performance/UriDefaultParser: + Enabled: false +RSpec/Be: + Enabled: false +RSpec/Dialect: + Enabled: false +RSpec/ContainExactly: + Enabled: false +RSpec/ContextMethod: + Enabled: false +RSpec/ContextWording: + Enabled: false +RSpec/DescribeClass: + Enabled: false +RSpec/EmptyHook: + Enabled: false +RSpec/EmptyLineAfterExample: + Enabled: false +RSpec/EmptyLineAfterExampleGroup: + Enabled: false +RSpec/EmptyLineAfterHook: + Enabled: false +RSpec/ExampleLength: + Enabled: false +RSpec/ExampleWithoutDescription: + Enabled: false +RSpec/ExpectChange: + Enabled: false +RSpec/ExpectInHook: + Enabled: false +RSpec/HooksBeforeExamples: + Enabled: false +RSpec/ImplicitBlockExpectation: + Enabled: false +RSpec/ImplicitSubject: + Enabled: false +RSpec/LeakyConstantDeclaration: + Enabled: false +RSpec/LetBeforeExamples: + Enabled: false +RSpec/MatchArray: + Enabled: false +RSpec/MissingExampleGroupArgument: + Enabled: false +RSpec/MultipleExpectations: + Enabled: false +RSpec/MultipleMemoizedHelpers: + Enabled: false +RSpec/MultipleSubjects: + Enabled: false +RSpec/NestedGroups: + Enabled: false +RSpec/PredicateMatcher: + Enabled: false +RSpec/ReceiveCounts: + Enabled: false +RSpec/ReceiveNever: + Enabled: false +RSpec/RepeatedExampleGroupBody: + Enabled: false +RSpec/RepeatedExampleGroupDescription: + Enabled: false +RSpec/RepeatedIncludeExample: + Enabled: false +RSpec/ReturnFromStub: + Enabled: false +RSpec/SharedExamples: + Enabled: false +RSpec/StubbedMock: + Enabled: false +RSpec/UnspecifiedException: + Enabled: false +RSpec/VariableDefinition: + Enabled: false +RSpec/VoidExpect: + Enabled: false +RSpec/Yield: + Enabled: false +Security/Open: + Enabled: false +Style/AccessModifierDeclarations: + Enabled: false +Style/AccessorGrouping: + Enabled: false +Style/BisectedAttrAccessor: + Enabled: false +Style/CaseLikeIf: + Enabled: false +Style/ClassEqualityComparison: + Enabled: false +Style/ColonMethodDefinition: + Enabled: false +Style/CombinableLoops: + Enabled: false +Style/CommentedKeyword: + Enabled: false +Style/Dir: + Enabled: false +Style/DoubleCopDisableDirective: + Enabled: false +Style/EmptyBlockParameter: + Enabled: false +Style/EmptyLambdaParameter: + Enabled: false +Style/Encoding: + Enabled: false +Style/EvalWithLocation: + Enabled: false +Style/ExpandPathArguments: + Enabled: false +Style/ExplicitBlockArgument: + Enabled: false +Style/ExponentialNotation: + Enabled: false +Style/FloatDivision: + Enabled: false +Style/FrozenStringLiteralComment: + Enabled: false +Style/GlobalStdStream: + Enabled: false +Style/HashAsLastArrayItem: + Enabled: false +Style/HashLikeCase: + Enabled: false +Style/HashTransformKeys: + Enabled: false +Style/HashTransformValues: + Enabled: false +Style/IfUnlessModifier: + Enabled: false +Style/KeywordParametersOrder: + Enabled: false +Style/MinMax: + Enabled: false +Style/MixinUsage: + Enabled: false +Style/MultilineWhenThen: + Enabled: false +Style/NegatedUnless: + Enabled: false +Style/NumericPredicate: + Enabled: false +Style/OptionalBooleanParameter: + Enabled: false +Style/OrAssignment: + Enabled: false +Style/RandomWithOffset: + Enabled: false +Style/RedundantAssignment: + Enabled: false +Style/RedundantCondition: + Enabled: false +Style/RedundantConditional: + Enabled: false +Style/RedundantFetchBlock: + Enabled: false +Style/RedundantFileExtensionInRequire: + Enabled: false +Style/RedundantRegexpCharacterClass: + Enabled: false +Style/RedundantRegexpEscape: + Enabled: false +Style/RedundantSelfAssignment: + Enabled: false +Style/RedundantSort: + Enabled: false +Style/RescueStandardError: + Enabled: false +Style/SingleArgumentDig: + Enabled: false +Style/SlicingWithRange: + Enabled: false +Style/SoleNestedConditional: + Enabled: false +Style/StderrPuts: + Enabled: false +Style/StringConcatenation: + Enabled: false +Style/Strip: + Enabled: false +Style/SymbolProc: + Enabled: false +Style/TrailingBodyOnClass: + Enabled: false +Style/TrailingBodyOnMethodDefinition: + Enabled: false +Style/TrailingBodyOnModule: + Enabled: false +Style/TrailingCommaInHashLiteral: + Enabled: false +Style/TrailingMethodEndStatement: + Enabled: false +Style/UnpackFirst: + Enabled: false +Gemspec/DeprecatedAttributeAssignment: + Enabled: false +Gemspec/DevelopmentDependencies: + Enabled: false +Gemspec/RequireMFA: + Enabled: false +Layout/LineContinuationLeadingSpace: + Enabled: false +Layout/LineContinuationSpacing: + Enabled: false +Layout/LineEndStringConcatenationIndentation: + Enabled: false +Layout/SpaceBeforeBrackets: + Enabled: false +Lint/AmbiguousAssignment: + Enabled: false +Lint/AmbiguousOperatorPrecedence: + Enabled: false +Lint/AmbiguousRange: + Enabled: false +Lint/ConstantOverwrittenInRescue: + Enabled: false +Lint/DeprecatedConstants: + Enabled: false +Lint/DuplicateBranch: + Enabled: false +Lint/DuplicateMagicComment: + Enabled: false +Lint/DuplicateMatchPattern: + Enabled: false +Lint/DuplicateRegexpCharacterClassElement: + Enabled: false +Lint/EmptyBlock: + Enabled: false +Lint/EmptyClass: + Enabled: false +Lint/EmptyInPattern: + Enabled: false +Lint/IncompatibleIoSelectWithFiberScheduler: + Enabled: false +Lint/LambdaWithoutLiteralBlock: + Enabled: false +Lint/NoReturnInBeginEndBlocks: + Enabled: false +Lint/NonAtomicFileOperation: + Enabled: false +Lint/NumberedParameterAssignment: + Enabled: false +Lint/OrAssignmentToConstant: + Enabled: false +Lint/RedundantDirGlobSort: + Enabled: false +Lint/RefinementImportMethods: + Enabled: false +Lint/RequireRangeParentheses: + Enabled: false +Lint/RequireRelativeSelfPath: + Enabled: false +Lint/SymbolConversion: + Enabled: false +Lint/ToEnumArguments: + Enabled: false +Lint/TripleQuotes: + Enabled: false +Lint/UnexpectedBlockArity: + Enabled: false +Lint/UnmodifiedReduceAccumulator: + Enabled: false +Lint/UselessRescue: + Enabled: false +Lint/UselessRuby2Keywords: + Enabled: false +Metrics/CollectionLiteralLength: + Enabled: false +Naming/BlockForwarding: + Enabled: false +Performance/CollectionLiteralInLoop: + Enabled: false +Performance/ConcurrentMonotonicTime: + Enabled: false +Performance/MapCompact: + Enabled: false +Performance/RedundantEqualityComparisonBlock: + Enabled: false +Performance/RedundantSplitRegexpArgument: + Enabled: false +Performance/StringIdentifierArgument: + Enabled: false +RSpec/BeEq: + Enabled: false +RSpec/BeNil: + Enabled: false +RSpec/ChangeByZero: + Enabled: false +RSpec/ClassCheck: + Enabled: false +RSpec/DuplicatedMetadata: + Enabled: false +RSpec/ExcessiveDocstringSpacing: + Enabled: false +RSpec/IdenticalEqualityAssertion: + Enabled: false +RSpec/NoExpectationExample: + Enabled: false +RSpec/PendingWithoutReason: + Enabled: false +RSpec/RedundantAround: + Enabled: false +RSpec/SkipBlockInsideExample: + Enabled: false +RSpec/SortMetadata: + Enabled: false +RSpec/SubjectDeclaration: + Enabled: false +RSpec/VerifiedDoubleReference: + Enabled: false +Security/CompoundHash: + Enabled: false +Security/IoMethods: + Enabled: false +Style/ArgumentsForwarding: + Enabled: false +Style/ArrayIntersect: + Enabled: false +Style/CollectionCompact: + Enabled: false +Style/ComparableClamp: + Enabled: false +Style/ConcatArrayLiterals: + Enabled: false +Style/DataInheritance: + Enabled: false +Style/DirEmpty: + Enabled: false +Style/DocumentDynamicEvalDefinition: + Enabled: false +Style/EmptyHeredoc: + Enabled: false +Style/EndlessMethod: + Enabled: false +Style/EnvHome: + Enabled: false +Style/FetchEnvVar: + Enabled: false +Style/FileEmpty: + Enabled: false +Style/FileRead: + Enabled: false +Style/FileWrite: + Enabled: false +Style/HashConversion: + Enabled: false +Style/HashExcept: + Enabled: false +Style/IfWithBooleanLiteralBranches: + Enabled: false +Style/InPatternThen: + Enabled: false +Style/MagicCommentFormat: + Enabled: false +Style/MapCompactWithConditionalBlock: + Enabled: false +Style/MapToHash: + Enabled: false +Style/MapToSet: + Enabled: false +Style/MinMaxComparison: + Enabled: false +Style/MultilineInPatternThen: + Enabled: false +Style/NegatedIfElseCondition: + Enabled: false +Style/NestedFileDirname: + Enabled: false +Style/NilLambda: + Enabled: false +Style/NumberedParameters: + Enabled: false +Style/NumberedParametersLimit: + Enabled: false +Style/ObjectThen: + Enabled: false +Style/OpenStructUse: + Enabled: false +Style/OperatorMethodCall: + Enabled: false +Style/QuotedSymbols: + Enabled: false +Style/RedundantArgument: + Enabled: false +Style/RedundantConstantBase: + Enabled: false +Style/RedundantDoubleSplatHashBraces: + Enabled: false +Style/RedundantEach: + Enabled: false +Style/RedundantHeredocDelimiterQuotes: + Enabled: false +Style/RedundantInitialize: + Enabled: false +Style/RedundantLineContinuation: + Enabled: false +Style/RedundantSelfAssignmentBranch: + Enabled: false +Style/RedundantStringEscape: + Enabled: false +Style/SelectByRegexp: + Enabled: false +Style/StringChars: + Enabled: false +Style/SwapValues: + Enabled: false diff --git a/Gemfile b/Gemfile index e74c3dad..7c330d61 100644 --- a/Gemfile +++ b/Gemfile @@ -10,16 +10,23 @@ ENV['PDK_DISABLE_ANALYTICS'] ||= 'true' gem_sources.each { |gem_source| source gem_source } +group :syntax do + gem 'metadata-json-lint' + gem 'puppet-lint-trailing_comma-check', require: false + gem 'rubocop', '~> 1.68.0' + gem 'rubocop-performance', '~> 1.23.0' + gem 'rubocop-rake', '~> 0.6.0' + gem 'rubocop-rspec', '~> 3.2.0' +end + group :test do puppet_version = ENV.fetch('PUPPET_VERSION', ['>= 7', '< 9']) major_puppet_version = Array(puppet_version).first.scan(%r{(\d+)(?:\.|\Z)}).flatten.first.to_i gem 'hiera-puppet-helper' - gem 'metadata-json-lint' gem 'pathspec', '~> 0.2' if Gem::Requirement.create('< 2.6').satisfied_by?(Gem::Version.new(RUBY_VERSION.dup)) gem('pdk', ENV.fetch('PDK_VERSION', ['>= 2.0', '< 4.0']), require: false) if major_puppet_version > 5 gem 'puppet', puppet_version gem 'puppetlabs_spec_helper' - gem 'puppet-lint-trailing_comma-check', require: false gem 'puppet-strings' gem 'rake' gem 'rspec' diff --git a/lib/facter/puppet_ruby_dir.rb b/lib/facter/puppet_ruby_dir.rb index 39c43ee3..68c9d1ac 100644 --- a/lib/facter/puppet_ruby_dir.rb +++ b/lib/facter/puppet_ruby_dir.rb @@ -1,7 +1,7 @@ # # Return the location of the puppet ruby directory # -Facter.add("puppet_ruby_dir") do +Facter.add('puppet_ruby_dir') do setcode do require 'rubygems' puppet_ruby_dir = File.dirname(Gem.find_files('puppet.rb').first) diff --git a/lib/facter/puppet_service_enabled.rb b/lib/facter/puppet_service_enabled.rb index 8a1cf85a..a9de4c20 100644 --- a/lib/facter/puppet_service_enabled.rb +++ b/lib/facter/puppet_service_enabled.rb @@ -2,12 +2,12 @@ # Determine if the puppet service is enabled. # Facter.add(:puppet_service_enabled) do - confine :kernel => 'linux' + confine kernel: 'linux' setcode do - if Facter.value(:init_systems).include? "systemd" - Facter::Core::Execution.execute('/usr/bin/systemctl is-enabled puppet.service').include? "enabled" + if Facter.value(:init_systems).include? 'systemd' + Facter::Core::Execution.execute('/usr/bin/systemctl is-enabled puppet.service').include? 'enabled' else - Facter::Core::Execution.execute('/sbin/chkconfig --list | grep -w puppet').include? ":on" + Facter::Core::Execution.execute('/sbin/chkconfig --list | grep -w puppet').include? ':on' end end end diff --git a/lib/facter/puppet_service_started.rb b/lib/facter/puppet_service_started.rb index 7d910239..542d2619 100644 --- a/lib/facter/puppet_service_started.rb +++ b/lib/facter/puppet_service_started.rb @@ -2,12 +2,12 @@ # Determine if the puppet service is started. # Facter.add(:puppet_service_started) do - confine :kernel => 'linux' + confine kernel: 'linux' setcode do - if Facter.value(:init_systems).include? "systemd" - Facter::Core::Execution.execute('/usr/bin/systemctl status puppet.service').include? "active (running)" + if Facter.value(:init_systems).include? 'systemd' + Facter::Core::Execution.execute('/usr/bin/systemctl status puppet.service').include? 'active (running)' else - Facter::Core::Execution.execute('/sbin/service puppet status').include? "running" + Facter::Core::Execution.execute('/sbin/service puppet status').include? 'running' end end end diff --git a/lib/facter/puppetserver_jruby.rb b/lib/facter/puppetserver_jruby.rb index 2fd308d3..75b01f85 100644 --- a/lib/facter/puppetserver_jruby.rb +++ b/lib/facter/puppetserver_jruby.rb @@ -11,7 +11,7 @@ 'jarfiles' => [] } jarfiles = Dir.glob("#{jruby_hash['dir']}/*.jar") - jruby_hash['jarfiles'] = jarfiles.map { |x| File.basename(x)} + jruby_hash['jarfiles'] = jarfiles.map { |x| File.basename(x) } jruby_hash end end diff --git a/lib/facter/simp_pupmod_serverversion.rb b/lib/facter/simp_pupmod_serverversion.rb index 44d8b563..c27ac453 100644 --- a/lib/facter/simp_pupmod_serverversion.rb +++ b/lib/facter/simp_pupmod_serverversion.rb @@ -1,14 +1,14 @@ # # Return the discovered server version # -Facter.add("simp_pupmod_serverversion") do - confine { +Facter.add('simp_pupmod_serverversion') do + confine do File.exist?('/opt/puppetlabs/bin/puppetserver') && - File.executable?('/opt/puppetlabs/bin/puppetserver') - } + File.executable?('/opt/puppetlabs/bin/puppetserver') + end setcode do - version = Facter::Core::Execution.exec('/opt/puppetlabs/bin/puppetserver --version').strip.split(/\s+/)[-1] + version = Facter::Core::Execution.exec('/opt/puppetlabs/bin/puppetserver --version').strip.split(%r{\s+})[-1] if version.nil? || (version.length <= 1) version = nil diff --git a/spec/acceptance/suites/default/01_puppet_server_spec.rb b/spec/acceptance/suites/default/01_puppet_server_spec.rb index ce232a8d..bd3c2a2e 100644 --- a/spec/acceptance/suites/default/01_puppet_server_spec.rb +++ b/spec/acceptance/suites/default/01_puppet_server_spec.rb @@ -1,12 +1,12 @@ require 'spec_helper_acceptance' describe 'install environment via r10k and puppetserver' do - require_relative('lib/util') include GenerateTypesTestUtil - let(:master_manifest) { <<-EOF + let(:master_manifest) do + <<-EOF include 'iptables' # Set up a puppetserver @@ -37,11 +37,11 @@ class { 'pupmod::master': dports => 22 } EOF - } + end hosts_with_role(hosts, 'simp_master').each do |master| context "on #{master}" do - it 'should enable SIMP and SIMP dependencies repos' do + it 'enables SIMP and SIMP dependencies repos' do install_simp_repos(master) os_maj = fact_on(master, 'operatingsystemmajrelease').strip @@ -50,10 +50,10 @@ class { 'pupmod::master': "https://dl.fedoraproject.org/pub/epel/epel-release-latest-#{os_maj}.noarch.rpm") end - it 'should install puppetserver' do - if ( on(master, 'cat /proc/sys/crypto/fips_enabled', :accept_all_exit_codes => true).stdout.strip == '1' ) - # Change to the following when it works for all RHEL-like OSs - # if master.fips_mode? + it 'installs puppetserver' do + if on(master, 'cat /proc/sys/crypto/fips_enabled', accept_all_exit_codes: true).stdout.strip == '1' + # Change to the following when it works for all RHEL-like OSs + # if master.fips_mode? master.install_package('yum-utils') master.install_package('java-headless') on(master, 'yumdownloader puppetserver') @@ -63,37 +63,37 @@ class { 'pupmod::master': end end - it 'should enable autosigning' do + it 'enables autosigning' do on(master, 'puppet config --section master set autosign true') end - it 'should correct the permissions' do + it 'corrects the permissions' do on(master, 'chown -R puppet:puppet /etc/puppetlabs/code') end - it 'should apply the master manifest' do - apply_manifest_on(master, master_manifest, :accept_all_exit_codes => true) + it 'applies the master manifest' do + apply_manifest_on(master, master_manifest, accept_all_exit_codes: true) wait_for_generate_types(master) end - it 'should be idempotent' do - apply_manifest_on(master, master_manifest, :catch_changes => true ) + it 'is idempotent' do + apply_manifest_on(master, master_manifest, catch_changes: true) end - it 'should be running jruby 9' do + it 'is running jruby 9' do result = on(master, 'puppetserver ruby --version') expect(result.stdout).to include('jruby 9') end context 'when using puppetserver gems' do - it 'should have hiera-eyaml available' do + it 'has hiera-eyaml available' do result = on(master, 'puppetserver gem list --local hiera-eyaml') expect(result.stdout).to include('hiera-eyaml') end end context 'when managing facter.conf' do - let(:disable_block_hieradata) { + let(:disable_block_hieradata) do <<-EOS pupmod::manage_facter_conf: true pupmod::facter_options: @@ -101,41 +101,41 @@ class { 'pupmod::master': blocklist: - hypervisors EOS - } + end let(:enable_block_hieradata) { 'pupmod::manage_facter_conf: true' } - it 'should provide hypervisors facts initially' do + it 'provides hypervisors facts initially' do hypervisors = fact_on(master, 'hypervisors') exists = !(hypervisors.nil? || hypervisors.empty?) expect(exists).to be true end - it 'should create config to disable hypervisors fact block' do + it 'creates config to disable hypervisors fact block' do set_hieradata_on(master, disable_block_hieradata) - apply_manifest_on(master, master_manifest, :accept_all_exit_codes => true) + apply_manifest_on(master, master_manifest, accept_all_exit_codes: true) end - it 'should be idempotent' do - apply_manifest_on(master, master_manifest, :catch_changes => true ) + it 'is idempotent' do + apply_manifest_on(master, master_manifest, catch_changes: true) end - it 'should no longer provide hypervisors facts' do + it 'noes longer provide hypervisors facts' do hypervisors = fact_on(master, 'hypervisors') exists = !(hypervisors.nil? || hypervisors.empty?) expect(exists).to be false end - it 'should create config to re-enable hypervisors fact block' do + it 'creates config to re-enable hypervisors fact block' do set_hieradata_on(master, enable_block_hieradata) - apply_manifest_on(master, master_manifest, :accept_all_exit_codes => true) + apply_manifest_on(master, master_manifest, accept_all_exit_codes: true) end - it 'should be idempotent' do - apply_manifest_on(master, master_manifest, :catch_changes => true ) + it 'is idempotent' do + apply_manifest_on(master, master_manifest, catch_changes: true) end - it 'should provide hypervisors facts again' do + it 'provides hypervisors facts again' do hypervisors = fact_on(master, 'hypervisors') exists = !(hypervisors.nil? || hypervisors.empty?) expect(exists).to be true diff --git a/spec/acceptance/suites/default/50_generate_types_spec.rb b/spec/acceptance/suites/default/50_generate_types_spec.rb index 44f7439d..4a5115cc 100644 --- a/spec/acceptance/suites/default/50_generate_types_spec.rb +++ b/spec/acceptance/suites/default/50_generate_types_spec.rb @@ -4,7 +4,7 @@ # the number of environments that you would like to process. The default is 100 # environments. -describe 'auto-triggered puppet generate types' do +describe 'auto-triggered puppet generate types' do require_relative('lib/util') include GenerateTypesTestUtil @@ -15,33 +15,33 @@ hosts_with_role(hosts, 'simp_master').each do |host| context "on #{host}" do let(:environment_path) { host.puppet[:environmentpath] } - let(:resource_types_cache) { + let(:resource_types_cache) do "#{environment_path}/production/.resource_types" - } + end - it 'should have run `puppet generate types`' do + it 'has run `puppet generate types`' do wait_for_generate_types(host) on(host, "ls -al #{resource_types_cache}") end - it 'should not recreate the resource cache after deletion' do + it 'does not recreate the resource cache after deletion' do on(host, "rm -rf #{resource_types_cache}") expect(host.file_exist?(resource_types_cache)).to be false end - it 'should create the resource cache in a new environment' do + it 'creates the resource cache in a new environment' do on(host, "cp -ra #{environment_path}/production #{environment_path}/new_environment") wait_for_generate_types(host) on(host, "ls -al #{environment_path}/new_environment/.resource_types") end - it 'should not trigger on removing the .resource_types directories' do + it 'does not trigger on removing the .resource_types directories' do on(host, "/bin/rm -rf #{environment_path}/*/.resource_types") end - it 'should regenerate *all* resource caches if the puppet binary is updated' do + it 'regenerates *all* resource caches if the puppet binary is updated' do on(host, "/bin/echo '' >> /opt/puppetlabs/puppet/bin/puppet") wait_for_generate_types(host) @@ -50,11 +50,11 @@ on(host, "ls #{environment_path}/*/.resource_types") end - it 'should not trigger on removing the .resource_types directories' do + it 'does not trigger on removing the .resource_types directories' do on(host, "/bin/rm -rf #{environment_path}/*/.resource_types") end - it 'should regenerate *all* resource caches if the puppetserver binary is updated' do + it 'regenerates *all* resource caches if the puppetserver binary is updated' do on(host, "/bin/echo '' >> /opt/puppetlabs/server/apps/puppetserver/bin/puppetserver") wait_for_generate_types(host) @@ -63,18 +63,18 @@ on(host, "ls #{environment_path}/*/.resource_types") end - it 'should not trigger on removing the .resource_types directories' do + it 'does not trigger on removing the .resource_types directories' do on(host, "/bin/rm -rf #{environment_path}/*/.resource_types") end - it "should not crash the system when creating #{env_count} new environments" do + it "does not crash the system when creating #{env_count} new environments" do on(host, "for x in {1..#{env_count}}; do cp -rl #{environment_path}/production #{environment_path}/testenv$x; done") wait_for_generate_types(host) on(host, "ls #{environment_path} | wc -l") end - it 'should have generated some types on the new environments without locking the system' do + it 'has generated some types on the new environments without locking the system' do wait_for_generate_types(host) # Success here means that the system did not lock up and at least some @@ -82,12 +82,12 @@ # updated to cover `puppet generate types` and this is simply a # stop-gap to prevent killing systems until we can get to r10k. - num_generated = on(host, "ls -d #{environment_path}/testenv{1..#{env_count}}/.resource_types 2>/dev/null | wc -l", :accept_all_exit_codes => true).output.lines.last.strip.to_i + num_generated = on(host, "ls -d #{environment_path}/testenv{1..#{env_count}}/.resource_types 2>/dev/null | wc -l", accept_all_exit_codes: true).output.lines.last.strip.to_i expect(num_generated).to be > 1 end - it 'should not crash the system when updating lots of type files' do + it 'does not crash the system when updating lots of type files' do on(host, 'find /etc/puppetlabs/code/environments -path "*/lib/puppet/type/**.rb" -exec echo "# test" >> {} \;') wait_for_generate_types(host) diff --git a/spec/acceptance/suites/default/60_disable_generate_types.rb b/spec/acceptance/suites/default/60_disable_generate_types.rb index 3a35d9e6..268dcbee 100644 --- a/spec/acceptance/suites/default/60_disable_generate_types.rb +++ b/spec/acceptance/suites/default/60_disable_generate_types.rb @@ -1,6 +1,6 @@ require 'spec_helper_acceptance' -describe 'disable automatic puppet generate types' do +describe 'disable automatic puppet generate types' do require_relative('lib/util') include GenerateTypesTestUtil @@ -8,20 +8,22 @@ hosts_with_role(hosts, 'simp_master').each do |host| context "on #{host}" do let(:environment_path) { host.puppet[:environmentpath] } - let(:resource_types_cache) { + let(:resource_types_cache) do "#{environment_path}/production/.resource_types" - } + end - let(:hieradata) {{ - 'pupmod::master::generate_types::enable' => false - }} + let(:hieradata) do + { + 'pupmod::master::generate_types::enable' => false + } + end - it 'should clean up the cache' do + it 'cleans up the cache' do on(host, "rm -rf #{resource_types_cache}") expect(host.file_exist?(resource_types_cache)).to be false end - it 'should not create the resource cache in a new environment' do + it 'does not create the resource cache in a new environment' do on(host, "cp -ra #{environment_path}/production #{environment_path}/disabled_environment") wait_for_generate_types(host) diff --git a/spec/acceptance/suites/default/lib/util.rb b/spec/acceptance/suites/default/lib/util.rb index 886e0977..a4c71838 100644 --- a/spec/acceptance/suites/default/lib/util.rb +++ b/spec/acceptance/suites/default/lib/util.rb @@ -1,16 +1,16 @@ module GenerateTypesTestUtil # Wait until simp_generate_types has finished processing - def wait_for_generate_types(host, timeout=1200, interval=30) + def wait_for_generate_types(host, _timeout = 1200, interval = 30) # Let everything spawn sleep(2) begin require 'timeout' - Timeout::timeout(1200) do + Timeout.timeout(1200) do done_generating = false - while !done_generating do - result = on(host, 'pgrep -f simp_generate_types', :accept_all_exit_codes => true) + until done_generating + result = on(host, 'pgrep -f simp_generate_types', accept_all_exit_codes: true) if result.exit_code != 0 done_generating = true else diff --git a/spec/classes/00_classes/agent/cron_spec.rb b/spec/classes/00_classes/agent/cron_spec.rb index f0a1b519..eb8e127d 100644 --- a/spec/classes/00_classes/agent/cron_spec.rb +++ b/spec/classes/00_classes/agent/cron_spec.rb @@ -2,166 +2,161 @@ require 'spec_helper' describe 'pupmod::agent::cron' do - on_supported_os.each do |os, os_facts| context "on #{os}" do - context 'with facts set to defaults' do - let(:facts) { os_facts.merge(:ipaddress => '10.0.2.15', :puppet_service_enabled => false, :puppet_service_started => false ) } + let(:facts) { os_facts.merge(ipaddress: '10.0.2.15', puppet_service_enabled: false, puppet_service_started: false) } context 'with default params' do it { is_expected.to create_class('pupmod::agent::cron') } it { is_expected.to contain_file('/usr/local/bin/careful_puppet_service_shutdown.sh') } - it { is_expected.to_not contain_exec('careful_puppet_service_shutdown') } + it { is_expected.not_to contain_exec('careful_puppet_service_shutdown') } it { is_expected.to contain_cron('puppetd').with_ensure('absent') } it { is_expected.to contain_cron('puppetagent').with_ensure('absent') } it { is_expected.to contain_systemd__timer('puppet_agent.timer') - .with_timer_content(/OnCalendar=\*-\* \*:27,57/) + .with_timer_content(%r{OnCalendar=\*-\* \*:27,57}) .with_service_content(%r{ExecStart=/usr/local/bin/puppetagent_cron.sh}) - .with_service_content(/SuccessExitStatus=2/) + .with_service_content(%r{SuccessExitStatus=2}) .that_requires('File[/usr/local/bin/puppetagent_cron.sh]') } it 'uses maxruntime to kill processes in puppetagent_cron.sh' do expected = Regexp.escape('if [[ -n "${pup_status}" && $(( ${now} - ${filedate} )) -gt 1440') - is_expected.to contain_file('/usr/local/bin/puppetagent_cron.sh').with_content(/#{expected}/) + is_expected.to contain_file('/usr/local/bin/puppetagent_cron.sh').with_content(%r{#{expected}}) end it 'includes code to break an existing puppet lock in puppetagent_cron.sh' do - is_expected.to contain_file('/usr/local/bin/puppetagent_cron.sh').with_content(/handles forcibly enabling puppet agent/) + is_expected.to contain_file('/usr/local/bin/puppetagent_cron.sh').with_content(%r{handles forcibly enabling puppet agent}) end it 'uses a computed max disable time to enable puppet in puppetagent_cron.sh' do expected = Regexp.escape('if [[ ${pup_status} -ne 0 && $(( ${now} - ${filedate} )) -gt 16200') - is_expected.to contain_file('/usr/local/bin/puppetagent_cron.sh').with_content(/#{expected}/) + is_expected.to contain_file('/usr/local/bin/puppetagent_cron.sh').with_content(%r{#{expected}}) end it 'stops the puppet client service in puppetagent_cron.sh' do expected = Regexp.escape('puppet resource service puppet enable=false ensure=false') - is_expected.to contain_file('/usr/local/bin/puppetagent_cron.sh').with_content(/#{expected}/) + is_expected.to contain_file('/usr/local/bin/puppetagent_cron.sh').with_content(%r{#{expected}}) end - end context "with 'rand' randomization algorithm for cron minute" do - let(:params) {{ :minute => 'rand' }} + let(:params) { { minute: 'rand' } } it { is_expected.to contain_systemd__timer('puppet_agent.timer') - .with_timer_content(/OnCalendar=\*-\* \*:27,57/) + .with_timer_content(%r{OnCalendar=\*-\* \*:27,57}) .with_service_content(%r{ExecStart=/usr/local/bin/puppetagent_cron.sh}) - .with_service_content(/SuccessExitStatus=2/) + .with_service_content(%r{SuccessExitStatus=2}) .that_requires('File[/usr/local/bin/puppetagent_cron.sh]') } it 'uses a computed max disable time to enable puppet in puppetagent_cron.sh' do expected = Regexp.escape('if [[ ${pup_status} -ne 0 && $(( ${now} - ${filedate} )) -gt 16200') - is_expected.to contain_file('/usr/local/bin/puppetagent_cron.sh').with_content(/#{expected}/) + is_expected.to contain_file('/usr/local/bin/puppetagent_cron.sh').with_content(%r{#{expected}}) end end context "with 'sha256' randomization algorithm for minute" do - let(:params) {{ :minute => 'sha256' }} + let(:params) { { minute: 'sha256' } } it { is_expected.to contain_systemd__timer('puppet_agent.timer') - .with_timer_content(/OnCalendar=\*-\* \*:10,40/) + .with_timer_content(%r{OnCalendar=\*-\* \*:10,40}) .with_service_content(%r{ExecStart=/usr/local/bin/puppetagent_cron.sh}) - .with_service_content(/SuccessExitStatus=2/) + .with_service_content(%r{SuccessExitStatus=2}) .that_requires('File[/usr/local/bin/puppetagent_cron.sh]') } it 'uses a computed max disable time to enable puppet in puppetagent_cron.sh' do expected = Regexp.escape('if [[ ${pup_status} -ne 0 && $(( ${now} - ${filedate} )) -gt 16200') - is_expected.to contain_file('/usr/local/bin/puppetagent_cron.sh').with_content(/#{expected}/) + is_expected.to contain_file('/usr/local/bin/puppetagent_cron.sh').with_content(%r{#{expected}}) end end context 'with alternate minute_base' do - let(:params) {{ :minute_base => 'foo' }} + let(:params) { { minute_base: 'foo' } } it { is_expected.to contain_systemd__timer('puppet_agent.timer') - .with_timer_content(/OnCalendar=\*-\* \*:29,59/) + .with_timer_content(%r{OnCalendar=\*-\* \*:29,59}) .with_service_content(%r{ExecStart=/usr/local/bin/puppetagent_cron.sh}) - .with_service_content(/SuccessExitStatus=2/) + .with_service_content(%r{SuccessExitStatus=2}) .that_requires('File[/usr/local/bin/puppetagent_cron.sh]') } - end - context "with interval enabled" do - let(:params) {{ :minute => 'nil' }} + context 'with interval enabled' do + let(:params) { { minute: 'nil' } } it { is_expected.to contain_systemd__timer('puppet_agent.timer') .with_timer_content(%r{OnCalendar=\*-\* \*:\*/30}) .with_service_content(%r{ExecStart=/usr/local/bin/puppetagent_cron.sh}) - .with_service_content(/SuccessExitStatus=2/) + .with_service_content(%r{SuccessExitStatus=2}) .that_requires('File[/usr/local/bin/puppetagent_cron.sh]') } - it 'uses a computed max disable time to enable puppet in puppetagent_cron.sh' do expected = Regexp.escape('if [[ ${pup_status} -ne 0 && $(( ${now} - ${filedate} )) -gt 16200') - is_expected.to contain_file('/usr/local/bin/puppetagent_cron.sh').with_content(/#{expected}/) + is_expected.to contain_file('/usr/local/bin/puppetagent_cron.sh').with_content(%r{#{expected}}) end end context 'with specific cron parameters specified' do - let(:params) {{ - :minute => 1, - :hour => 2, - :monthday => 3, - :month => 4, - :weekday => 5 - }} + let(:params) do + { + minute: 1, + hour: 2, + monthday: 3, + month: 4, + weekday: 5 + } + end it { is_expected.to contain_systemd__timer('puppet_agent.timer') - .with_timer_content(/OnCalendar=Fri 4-3 2:1/) + .with_timer_content(%r{OnCalendar=Fri 4-3 2:1}) .with_service_content(%r{ExecStart=/usr/local/bin/puppetagent_cron.sh}) - .with_service_content(/SuccessExitStatus=2/) + .with_service_content(%r{SuccessExitStatus=2}) .that_requires('File[/usr/local/bin/puppetagent_cron.sh]') } - end context 'with altername maxruntime' do - let(:params) {{ :maxruntime => 10 }} + let(:params) { { maxruntime: 10 } } it 'uses maxruntime to kill processes in puppetagent_cron.sh' do expected = Regexp.escape('if [[ -n "${pup_status}" && $(( ${now} - ${filedate} )) -gt 600') - is_expected.to contain_file('/usr/local/bin/puppetagent_cron.sh').with_content(/#{expected}/) + is_expected.to contain_file('/usr/local/bin/puppetagent_cron.sh').with_content(%r{#{expected}}) end end context 'with break_puppet_lock disabled' do - let(:params) {{ :break_puppet_lock => false }} - it { is_expected.to contain_file('/usr/local/bin/puppetagent_cron.sh').with_content(/handles puppet processes which have been running longer than maxruntime/) } - it { is_expected.to_not contain_file('/usr/local/bin/puppetagent_cron.sh').with_content(/handles forcibly enabling puppet agent/) } - end + let(:params) { { break_puppet_lock: false } } + it { is_expected.to contain_file('/usr/local/bin/puppetagent_cron.sh').with_content(%r{handles puppet processes which have been running longer than maxruntime}) } + it { is_expected.not_to contain_file('/usr/local/bin/puppetagent_cron.sh').with_content(%r{handles forcibly enabling puppet agent}) } + end context 'with max_disable_time specified' do - let(:params) {{ :max_disable_time => 5 }} + let(:params) { { max_disable_time: 5 } } it 'uses max_disable_time to enable puppet in puppetagent_cron.sh' do expected = Regexp.escape('if [[ ${pup_status} -ne 0 && $(( ${now} - ${filedate} )) -gt 300') - is_expected.to contain_file('/usr/local/bin/puppetagent_cron.sh').with_content(/#{expected}/) + is_expected.to contain_file('/usr/local/bin/puppetagent_cron.sh').with_content(%r{#{expected}}) end end end context 'with puppet service enabled' do - let(:facts) { os_facts.merge(:ipaddress => '10.0.2.15', :puppet_service_enabled => true, :puppet_service_started => true ) } + let(:facts) { os_facts.merge(ipaddress: '10.0.2.15', puppet_service_enabled: true, puppet_service_started: true) } - it 'should exec script to disable puppet service' do + it 'execs script to disable puppet service' do is_expected.to contain_exec('careful_puppet_service_shutdown') end end - end end end diff --git a/spec/classes/00_classes/facter/conf_spec.rb b/spec/classes/00_classes/facter/conf_spec.rb index f3cdac5d..0fc8bd9e 100644 --- a/spec/classes/00_classes/facter/conf_spec.rb +++ b/spec/classes/00_classes/facter/conf_spec.rb @@ -6,80 +6,96 @@ describe 'pupmod' do on_supported_os.each do |os, os_facts| context "on #{os}" do - let(:facts){ os_facts } + let(:facts) { os_facts } let(:conf_dir) { '/etc/puppetlabs/facter' } let(:conf_file) { '/etc/puppetlabs/facter/facter.conf' } context 'with default facter config (empty sections)' do - let(:params) { { :manage_facter_conf => true }} + let(:params) { { manage_facter_conf: true } } + it { is_expected.to compile.with_all_deps } it { is_expected.to contain_file(conf_dir).with_ensure('directory') } it { is_expected.to contain_file(conf_file).with_ensure('file') } [ 'facts', 'global', 'cli' ].each do |section| - it { is_expected.to contain_hocon_setting(section).with( - :ensure => 'absent', - :path => conf_file, - :setting => section - ) } + it { + is_expected.to contain_hocon_setting(section).with( + ensure: 'absent', + path: conf_file, + setting: section, + ) + } end end context 'with fully specified facter config' do - let(:facts_section) { { - 'blocklist' => [ 'EC2' ], - 'ttls' => [ + let(:facts_section) do + { + 'blocklist' => [ 'EC2' ], + 'ttls' => [ { 'processor' => '30 days' }, - { 'timezone' => '8 hours' }, + { 'timezone' => '8 hours' }, ] - } } + } + end - let(:global_section) { { - 'external-dir' => [ 'path1', 'path2' ], + let(:global_section) do + { + 'external-dir' => [ 'path1', 'path2' ], 'custom-dir' => [ 'custom/path' ], 'no-exernal-facts' => false, 'no-custom-facts' => false, 'no-ruby' => false - } } + } + end - let(:cli_section) { { - 'debug' => false, + let(:cli_section) do + { + 'debug' => false, 'trace' => true, 'verbose' => false, 'log-level' => 'warn' - } } + } + end - let(:params) { { - :manage_facter_conf => true, - :facter_options => { + let(:params) do + { + manage_facter_conf: true, + facter_options: { 'facts' => facts_section, 'global' => global_section, 'cli' => cli_section } - } } - + } + end it { is_expected.to compile.with_all_deps } it { is_expected.to contain_file(conf_dir).with_ensure('directory') } it { is_expected.to contain_file(conf_file).with_ensure('file') } - it { is_expected.to contain_hocon_setting('facts').with( - :ensure => 'present', - :path => conf_file, - :setting => 'facts', - :value => facts_section - ) } - it { is_expected.to contain_hocon_setting('global').with( - :ensure => 'present', - :path => conf_file, - :setting => 'global', - :value => global_section - ) } - it { is_expected.to contain_hocon_setting('cli').with( - :ensure => 'present', - :path => conf_file, - :setting => 'cli', - :value => cli_section - ) } + it { + is_expected.to contain_hocon_setting('facts').with( + ensure: 'present', + path: conf_file, + setting: 'facts', + value: facts_section, + ) + } + it { + is_expected.to contain_hocon_setting('global').with( + ensure: 'present', + path: conf_file, + setting: 'global', + value: global_section, + ) + } + it { + is_expected.to contain_hocon_setting('cli').with( + ensure: 'present', + path: conf_file, + setting: 'cli', + value: cli_section, + ) + } end end end diff --git a/spec/classes/10_classes/master/base_spec.rb b/spec/classes/10_classes/master/base_spec.rb index 0f22a41e..87df9617 100644 --- a/spec/classes/10_classes/master/base_spec.rb +++ b/spec/classes/10_classes/master/base_spec.rb @@ -3,104 +3,110 @@ describe 'pupmod::master::base' do on_supported_os.each do |os, os_facts| before :all do - @extras = { :puppet_settings => { + @extras = { puppet_settings: { 'master' => { 'rest_authconfig' => '/etc/puppetlabs/puppet/authconf.conf' }, 'server' => { 'rest_authconfig' => '/etc/puppetlabs/puppet/authconf.conf' } - }} + } } end context "on #{os}" do - - let(:facts){ @extras.merge(os_facts) } + let(:facts) { @extras.merge(os_facts) } context 'with default parameters' do it { is_expected.to create_class('pupmod::master::base') } - it { is_expected.to contain_exec('puppetserver_reload').with( + it { + is_expected.to contain_exec('puppetserver_reload').with( { - "command" => "/usr/local/sbin/puppetserver_reload", - "refreshonly" => true, - } + 'command' => '/usr/local/sbin/puppetserver_reload', + 'refreshonly' => true, + }, ) } - it { is_expected.to contain_file('/etc/puppetlabs/code/environments').with( + it { + is_expected.to contain_file('/etc/puppetlabs/code/environments').with( { - "ensure" => "directory", - "owner" => "root", - "group" => "puppet", - "mode" => "u=rwx,g=rwx,o-rwx", - "recurse" => true, - "recurselimit" => 1, - } + 'ensure' => 'directory', + 'owner' => 'root', + 'group' => 'puppet', + 'mode' => 'u=rwx,g=rwx,o-rwx', + 'recurse' => true, + 'recurselimit' => 1, + }, ) } - it { is_expected.to contain_file('/usr/local/sbin/puppetserver_clear_environment_cache').with( + it { + is_expected.to contain_file('/usr/local/sbin/puppetserver_clear_environment_cache').with( { - "ensure" => "file", - "owner" => "root", - "group" => "root", - "mode" => "0700", - } + 'ensure' => 'file', + 'owner' => 'root', + 'group' => 'root', + 'mode' => '0700', + }, ) } it { - puppetserver_clear_environment_cache = File.open("#{File.dirname(__FILE__)}/data/puppetserver_clear_environment_cache.txt", "rb").read.gsub('foo.example.com', facts[:fqdn]) + puppetserver_clear_environment_cache = File.open("#{File.dirname(__FILE__)}/data/puppetserver_clear_environment_cache.txt", 'rb').read.gsub('foo.example.com', facts[:fqdn]) is_expected.to contain_file('/usr/local/sbin/puppetserver_clear_environment_cache').with_content(puppetserver_clear_environment_cache) } - it { is_expected.to contain_file('/usr/local/sbin/puppetserver_reload').with( + it { + is_expected.to contain_file('/usr/local/sbin/puppetserver_reload').with( { - "ensure" => "file", - "owner" => "root", - "group" => "root", - "mode" => "0700", - } + 'ensure' => 'file', + 'owner' => 'root', + 'group' => 'root', + 'mode' => '0700', + }, ) } it { - puppetserver_reload = File.open("#{File.dirname(__FILE__)}/data/puppetserver_reload.txt", "rb").read.gsub('foo.example.com', facts[:fqdn]) + puppetserver_reload = File.open("#{File.dirname(__FILE__)}/data/puppetserver_reload.txt", 'rb').read.gsub('foo.example.com', facts[:fqdn]) is_expected.to contain_file('/usr/local/sbin/puppetserver_reload').with_content(puppetserver_reload) } - it { is_expected.to contain_group('puppet').with( + it { + is_expected.to contain_group('puppet').with( { - "ensure" => "present", - "allowdupe" => false, - "tag" => "firstrun", - } + 'ensure' => 'present', + 'allowdupe' => false, + 'tag' => 'firstrun', + }, ) } - it { is_expected.to contain_package('puppetserver').with( + it { + is_expected.to contain_package('puppetserver').with( { - "ensure" => "installed", - } + 'ensure' => 'installed', + }, ) } - it { is_expected.to contain_service('puppetserver').with( + it { + is_expected.to contain_service('puppetserver').with( { - "ensure" => "running", - "enable" => true, - "hasrestart" => true, - "hasstatus" => true, - } + 'ensure' => 'running', + 'enable' => true, + 'hasrestart' => true, + 'hasstatus' => true, + }, ) } - it { is_expected.to contain_user('puppet').with( + it { + is_expected.to contain_user('puppet').with( { - "ensure" => "present", - "allowdupe" => false, - "comment" => "Puppet User", - "gid" => "puppet", - "home" => "/opt/puppetlabs/server/data/puppetserver", - "shell" => "/sbin/nologin", - "tag" => "firstrun", - } + 'ensure' => 'present', + 'allowdupe' => false, + 'comment' => 'Puppet User', + 'gid' => 'puppet', + 'home' => '/opt/puppetlabs/server/data/puppetserver', + 'shell' => '/sbin/nologin', + 'tag' => 'firstrun', + }, ) } end - end end end diff --git a/spec/classes/10_classes/master/generate_types_spec.rb b/spec/classes/10_classes/master/generate_types_spec.rb index 3f833c2a..e83fe070 100644 --- a/spec/classes/10_classes/master/generate_types_spec.rb +++ b/spec/classes/10_classes/master/generate_types_spec.rb @@ -10,7 +10,7 @@ it { is_expected.to create_tidy('/etc/incron.d').with_matches('simp_generate_types*') } end - shared_examples_for 'generate_types_systemd' do |content, force_content=nil| + shared_examples_for 'generate_types_systemd' do |content, force_content = nil| it { is_expected.to create_systemd__unit_file('simp_generate_types.path').with_enable(true) } it { is_expected.to create_systemd__unit_file('simp_generate_types.path').with_active(true) } it { is_expected.to create_systemd__unit_file('simp_generate_types.path').with_content(content) } @@ -27,8 +27,8 @@ it { is_expected.to create_systemd__unit_file('simp_generate_types_apps.path').with_content(force_content) } it { is_expected.to create_systemd__unit_file('simp_generate_types_force.service').with_content(force_service_content) } else - it { is_expected.to_not create_systemd__unit_file('simp_generate_types_apps.path') } - it { is_expected.to_not create_systemd__unit_file('simp_generate_types_force.service') } + it { is_expected.not_to create_systemd__unit_file('simp_generate_types_apps.path') } + it { is_expected.not_to create_systemd__unit_file('simp_generate_types_force.service') } end service_content = <<~EOM @@ -46,11 +46,11 @@ on_supported_os.each do |os, os_facts| context "on #{os}" do - let(:facts){ + let(:facts) do os_facts.merge({ - :puppet_environmentpath => '/etc/puppetlabs/code/environments' - }) - } + puppet_environmentpath: '/etc/puppetlabs/code/environments' + }) + end context 'with default input' do systemd_path_content = <<~EOM @@ -82,9 +82,11 @@ end context 'when disabling puppetserver triggers' do - let(:params){{ - :trigger_on_puppetserver_update => false - }} + let(:params) do + { + trigger_on_puppetserver_update: false + } + end systemd_path_content = <<~EOM [Install] @@ -114,9 +116,11 @@ end context 'when disabling puppet triggers' do - let(:params){{ - :trigger_on_puppet_update => false - }} + let(:params) do + { + trigger_on_puppet_update: false + } + end systemd_path_content = <<~EOM [Install] @@ -146,10 +150,12 @@ end context 'when disabling puppetserver and puppet triggers' do - let(:params){{ - :trigger_on_puppet_update => false, - :trigger_on_puppetserver_update => false - }} + let(:params) do + { + trigger_on_puppet_update: false, + trigger_on_puppetserver_update: false + } + end systemd_path_content = <<~EOM [Install] @@ -170,9 +176,11 @@ end context 'when disabling environment triggers' do - let(:params){{ - :trigger_on_new_environment => false - }} + let(:params) do + { + trigger_on_new_environment: false + } + end systemd_path_content = <<~EOM [Install] @@ -202,9 +210,11 @@ end context 'when disabling type change triggers' do - let(:params){{ - :trigger_on_type_change => false - }} + let(:params) do + { + trigger_on_type_change: false + } + end systemd_path_content = <<~EOM [Install] @@ -234,11 +244,11 @@ end context 'with multiple environment paths' do - let(:facts){ + let(:facts) do os_facts.merge({ - :puppet_environmentpath => '/etc/puppetlabs/code/environments:/foo/bar/baz' - }) - } + puppet_environmentpath: '/etc/puppetlabs/code/environments:/foo/bar/baz' + }) + end systemd_path_content = <<~EOM [Install] @@ -270,14 +280,16 @@ end context 'when disabled' do - let(:params) {{ - :enable => false - }} + let(:params) do + { + enable: false + } + end it { is_expected.to compile.with_all_deps } it { is_expected.to create_file('/usr/local/sbin/simp_generate_types') } it { is_expected.to create_file('/var/run/simp_generate_types') } - it { is_expected.to_not create_exec('simp_generate_types') } + it { is_expected.not_to create_exec('simp_generate_types') } it { is_expected.to create_service('simp_generate_types').with_enable(false) } it { is_expected.to create_service('simp_generate_types_force').with_enable(false) } if Array(os_facts[:init_systems]).include?('systemd') @@ -286,10 +298,10 @@ it { is_expected.to create_systemd__unit_file('simp_generate_types.service').with_ensure('absent') } it { is_expected.to create_systemd__unit_file('simp_generate_types_force.service').with_ensure('absent') } else - it { is_expected.to_not create_systemd__unit_file('simp_generate_types.path').with_ensure('absent') } - it { is_expected.to_not create_systemd__unit_file('simp_generate_types_apps.path').with_ensure('absent') } - it { is_expected.to_not create_systemd__unit_file('simp_generate_types.service').with_ensure('absent') } - it { is_expected.to_not create_systemd__unit_file('simp_generate_types_force.service').with_ensure('absent') } + it { is_expected.not_to create_systemd__unit_file('simp_generate_types.path').with_ensure('absent') } + it { is_expected.not_to create_systemd__unit_file('simp_generate_types_apps.path').with_ensure('absent') } + it { is_expected.not_to create_systemd__unit_file('simp_generate_types.service').with_ensure('absent') } + it { is_expected.not_to create_systemd__unit_file('simp_generate_types_force.service').with_ensure('absent') } end it { is_expected.to create_tidy('/etc/incron.d').with_matches('simp_generate_types*') } end diff --git a/spec/classes/10_classes/master/reports_spec.rb b/spec/classes/10_classes/master/reports_spec.rb index 2d6d77b8..c314ff4c 100644 --- a/spec/classes/10_classes/master/reports_spec.rb +++ b/spec/classes/10_classes/master/reports_spec.rb @@ -2,16 +2,17 @@ describe 'pupmod::master::reports' do before :all do - @extras = { :puppet_settings => { + @extras = { puppet_settings: { 'master' => { 'rest_authconfig' => '/etc/puppetlabs/puppet/authconf.conf' - }}} + } + } } end on_supported_os.each do |os, os_facts| context "on #{os}" do - let(:facts){ @extras.merge(os_facts) } - let(:pre_condition){ 'include "pupmod::master"' } + let(:facts) { @extras.merge(os_facts) } + let(:pre_condition) { 'include "pupmod::master"' } it { is_expected.to create_file('/etc/cron.daily/puppet_client_report_purge') diff --git a/spec/classes/10_classes/master/simp_auth_spec.rb b/spec/classes/10_classes/master/simp_auth_spec.rb index 78528705..88db9c42 100644 --- a/spec/classes/10_classes/master/simp_auth_spec.rb +++ b/spec/classes/10_classes/master/simp_auth_spec.rb @@ -3,42 +3,50 @@ describe 'pupmod::master::simp_auth' do on_supported_os.each do |os, os_facts| context "on #{os}" do - let(:facts){ os_facts } + let(:facts) { os_facts } it { is_expected.to create_class('pupmod::master::simp_auth') } - it { is_expected.to create_puppet_authorization__rule('Allow access to the cacerts from the pki_files module from all hosts').with({ - 'ensure' => 'present', + it { + is_expected.to create_puppet_authorization__rule('Allow access to the cacerts from the pki_files module from all hosts').with({ + 'ensure' => 'present', 'match_request_path' => '^/puppet/v3/file_(metadata|content)/modules/pki_files/keydist/cacerts', 'match_request_type' => 'regex', 'match_request_method' => ['get'], 'allow' => '*', 'sort_order' => 410, - }) } - it { is_expected.to create_puppet_authorization__rule('Allow access to the mcollective PKI from the pki_files module from all hosts').with({ - 'ensure' => 'present', + }) + } + it { + is_expected.to create_puppet_authorization__rule('Allow access to the mcollective PKI from the pki_files module from all hosts').with({ + 'ensure' => 'present', 'match_request_path' => '^/puppet/v3/file_(metadata|content)/modules/pki_files/keydist/mcollective', 'match_request_type' => 'regex', 'match_request_method' => ['get'], 'allow' => '*', 'sort_order' => 430, - }) } - it { is_expected.to create_puppet_authorization__rule('Allow access to each hosts own certs from the pki_files module').with({ - 'ensure' => 'present', + }) + } + it { + is_expected.to create_puppet_authorization__rule('Allow access to each hosts own certs from the pki_files module').with({ + 'ensure' => 'present', 'match_request_path' => '^/puppet/v3/file_(metadata|content)/modules/pki_files/keydist/([^/]+)', 'match_request_type' => 'regex', 'match_request_method' => ['get'], 'allow' => '$2', 'sort_order' => 440, - }) } - it { is_expected.to create_puppet_authorization__rule('Allow access to each hosts own kerberos keytabs from the krb5_files module').with({ - 'ensure' => 'present', + }) + } + it { + is_expected.to create_puppet_authorization__rule('Allow access to each hosts own kerberos keytabs from the krb5_files module').with({ + 'ensure' => 'present', 'match_request_path' => '^/puppet/v3/file_(metadata|content)/modules/krb5_files/keytabs/([^/]+)', 'match_request_type' => 'regex', 'match_request_method' => ['get'], 'allow' => '$2', 'sort_order' => 460, - 'notify' => "Class[Pupmod::Master::Service]" - }) } + 'notify' => 'Class[Pupmod::Master::Service]' + }) + } it { is_expected.to create_file('/etc/puppetlabs/puppet/auth.conf').with_ensure('absent') } end end diff --git a/spec/classes/10_classes/master/sysconfig_spec.rb b/spec/classes/10_classes/master/sysconfig_spec.rb index 13ba102a..aafde4cf 100644 --- a/spec/classes/10_classes/master/sysconfig_spec.rb +++ b/spec/classes/10_classes/master/sysconfig_spec.rb @@ -4,24 +4,24 @@ describe 'pupmod::master' do on_supported_os.each do |os, os_facts| before :all do - @extras = { :puppet_settings => { + @extras = { puppet_settings: { 'server' => { 'rest_authconfig' => '/etc/puppetlabs/puppet/authconf.conf' }, 'master' => { 'rest_authconfig' => '/etc/puppetlabs/puppet/authconf.conf' - }}} + } + } } end puppetserver_content_without_jruby = File.read("#{File.dirname(__FILE__)}/data/puppetserver.txt") context "on #{os}" do - - _server_datadir = os_facts.dig(:puppet_settings,:server,:server_datadir) || - os_facts.dig(:puppet_settings,:master,:server_datadir) + _server_datadir = os_facts.dig(:puppet_settings, :server, :server_datadir) || + os_facts.dig(:puppet_settings, :master, :server_datadir) ['PE', 'PC1'].each do |server_distribution| context "server distribution '#{server_distribution}'" do - let(:puppetserver_svc) { + let(:puppetserver_svc) do svc = 'puppetserver' if server_distribution == 'PE' @@ -29,18 +29,18 @@ end svc - } + end if server_distribution == 'PE' context 'on PE with default params' do let(:hieradata) { 'sysconfig/PE' } - let(:facts){ + let(:facts) do @extras.merge(os_facts).merge( - :memorysize_mb => 490.16, - :pe_build => '2016.1.0' + memorysize_mb: 490.16, + pe_build: '2016.1.0', ) - } + end it 'sets $tmpdir via a pe_ini_subsetting resource' do ['JAVA_ARGS', 'JAVA_ARGS_CLI'].each do |setting| @@ -55,131 +55,141 @@ else context 'on PC1 with default params' do let(:hieradata) { 'sysconfig/PC1' } - let(:facts){ @extras.merge(os_facts).merge({ - :memorysize_mb => 490.16, - :puppetserver_jruby => { + let(:facts) do + @extras.merge(os_facts).merge({ + memorysize_mb: 490.16, + puppetserver_jruby: { 'dir' => '/opt/puppetlabs/server/apps/puppetserver', - 'jarfiles' => ['x.jar','y.jar', 'jruby-9k.jar'] - } - }) - } + 'jarfiles' => ['x.jar', 'y.jar', 'jruby-9k.jar'] + } + }) + end it do puppetserver_content = File.read("#{File.dirname(__FILE__)}/data/puppetserver-j9.txt") puppetserver_content.gsub!('%PUPPETSERVER_JAVA_TMPDIR_ROOT%', File.dirname(_server_datadir)) - is_expected.to contain_file('/etc/sysconfig/puppetserver').with( { - 'owner' => 'root', + is_expected.to contain_file('/etc/sysconfig/puppetserver').with({ + 'owner' => 'root', 'group' => 'puppet', 'mode' => '0640', 'content' => puppetserver_content - } ) + }) end it { is_expected.to create_class('pupmod::master::sysconfig') } - it { is_expected.to contain_file("#{File.dirname(_server_datadir)}/pserver_tmp").with( + it { + is_expected.to contain_file("#{File.dirname(_server_datadir)}/pserver_tmp").with( { 'owner' => 'puppet', 'group' => 'puppet', 'ensure' => 'directory', 'mode' => '0750' - } - )} + }, + ) + } end context 'if jruby9k set to true but file does not exist' do let(:hieradata) { 'sysconfig/PC1' } - let(:facts){ @extras.merge(os_facts).merge({ - :memorysize_mb => 490.16, - :puppetserver_jruby => { + let(:facts) do + @extras.merge(os_facts).merge({ + memorysize_mb: 490.16, + puppetserver_jruby: { 'dir' => '/opt/puppetlabs/server/apps/puppetserver', - 'jarfiles' => ['x.jar','y.jar'] - } - }) - } + 'jarfiles' => ['x.jar', 'y.jar'] + } + }) + end + it do puppetserver_content_without_jruby.gsub!('%PUPPETSERVER_JAVA_TMPDIR_ROOT%', File.dirname(_server_datadir)) - is_expected.to contain_file('/etc/sysconfig/puppetserver').with( { - 'owner' => 'root', + is_expected.to contain_file('/etc/sysconfig/puppetserver').with({ + 'owner' => 'root', 'group' => 'puppet', 'mode' => '0640', 'content' => puppetserver_content_without_jruby - } ) + }) end end context 'set jrubyjar set to default ' do - let(:hieradata) { "sysconfig/PC1_jruby_default" } - let(:facts){ @extras.merge(os_facts).merge(:memorysize_mb => 490.16) } + let(:hieradata) { 'sysconfig/PC1_jruby_default' } + let(:facts) { @extras.merge(os_facts).merge(memorysize_mb: 490.16) } it do puppetserver_content_without_jruby.gsub!('%PUPPETSERVER_JAVA_TMPDIR_ROOT%', File.dirname(_server_datadir)) - is_expected.to contain_file('/etc/sysconfig/puppetserver').with( { - 'owner' => 'root', + is_expected.to contain_file('/etc/sysconfig/puppetserver').with({ + 'owner' => 'root', 'group' => 'puppet', 'mode' => '0640', 'content' => puppetserver_content_without_jruby - } ) + }) end end context 'set jruby jar set and no fact ' do - let(:hieradata) { "sysconfig/PC1_jruby_x" } - let(:facts){ @extras.merge(os_facts).merge(:memorysize_mb => 490.16) } + let(:hieradata) { 'sysconfig/PC1_jruby_x' } + let(:facts) { @extras.merge(os_facts).merge(memorysize_mb: 490.16) } it do puppetserver_content_without_jruby.gsub!('%PUPPETSERVER_JAVA_TMPDIR_ROOT%', File.dirname(_server_datadir)) - is_expected.to contain_file('/etc/sysconfig/puppetserver').with( { - 'owner' => 'root', + is_expected.to contain_file('/etc/sysconfig/puppetserver').with({ + 'owner' => 'root', 'group' => 'puppet', 'mode' => '0640', 'content' => puppetserver_content_without_jruby - } ) + }) end end context '4CPU 8G memory system auto-tune' do - let(:hieradata) { "sysconfig/PC1" } - let(:facts) { @extras.merge(os_facts).merge({ - :memorysize_mb => 8192, - :processorcount => 4, - :processors => { - :physicalcount => 1, - :count => 4, - :models => [ - "Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz", - "Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz", - "Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz", - "Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz" + let(:hieradata) { 'sysconfig/PC1' } + let(:facts) do + @extras.merge(os_facts).merge({ + memorysize_mb: 8192, + processorcount: 4, + processors: { + physicalcount: 1, + count: 4, + models: [ + 'Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz', + 'Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz', + 'Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz', + 'Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz', ] }, - :puppetserver_jruby => { + puppetserver_jruby: { 'dir' => '/opt/puppetlabs/server/apps/puppetserver', - 'jarfiles' => ['x.jar','y.jar', 'jruby-9k.jar'] + 'jarfiles' => ['x.jar', 'y.jar', 'jruby-9k.jar'] } - })} + }) + end let(:puppetserver_conf) { '/etc/puppetlabs/puppetserver/conf.d/puppetserver.conf' } let(:puppetserver_conf_hash) { Hocon.parse(catalogue.resource("File[#{puppetserver_conf}]")['content']) } + ['monolithic', 'primary', 'compile'].each do |server_type| context "as #{server_type} server" do - let(:expected_instances) { - if server_type == 'compile' - mi = 3 - else - mi = 2 - end + let(:expected_instances) do + mi = if server_type == 'compile' + 3 + else + 2 + end mi - } - let(:params) {{ - :server_type => server_type, - }} + end + let(:params) do + { + server_type: server_type, + } + end it { expect(puppetserver_conf_hash['jruby-puppet']['max-active-instances']).to eq(expected_instances) } @@ -188,66 +198,73 @@ puppetserver_content.gsub!('%PUPPETSERVER_JAVA_TMPDIR_ROOT%', File.dirname(_server_datadir)) - is_expected.to contain_file('/etc/sysconfig/puppetserver').with( { - 'owner' => 'root', + is_expected.to contain_file('/etc/sysconfig/puppetserver').with({ + 'owner' => 'root', 'group' => 'puppet', 'mode' => '0640', 'content' => puppetserver_content - } ) + }) end it { is_expected.to create_class('pupmod::master::sysconfig') } - it { is_expected.to contain_file("#{File.dirname(_server_datadir)}/pserver_tmp").with( + it { + is_expected.to contain_file("#{File.dirname(_server_datadir)}/pserver_tmp").with( { 'owner' => 'puppet', 'group' => 'puppet', 'ensure' => 'directory', 'mode' => '0750' - } - )} + }, + ) + } end end end context '16CPU 32G memory system auto-tune' do - let(:hieradata) { "sysconfig/PC1" } - let(:facts) { @extras.merge(os_facts).merge({ - :memorysize_mb => 32768, - :processorcount => 16, - :processors => { - :physicalcount => 4, - :count => 16, - :models => [ - "Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz", - "Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz", - "Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz", - "Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz" + let(:hieradata) { 'sysconfig/PC1' } + let(:facts) do + @extras.merge(os_facts).merge({ + memorysize_mb: 32_768, + processorcount: 16, + processors: { + physicalcount: 4, + count: 16, + models: [ + 'Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz', + 'Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz', + 'Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz', + 'Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz', ] }, - :puppetserver_jruby => { + puppetserver_jruby: { 'dir' => '/opt/puppetlabs/server/apps/puppetserver', - 'jarfiles' => ['x.jar','y.jar', 'jruby-9k.jar'] + 'jarfiles' => ['x.jar', 'y.jar', 'jruby-9k.jar'] } - })} + }) + end let(:puppetserver_conf) { '/etc/puppetlabs/puppetserver/conf.d/puppetserver.conf' } let(:puppetserver_conf_hash) { Hocon.parse(catalogue.resource("File[#{puppetserver_conf}]")['content']) } + ['monolithic', 'primary', 'compile'].each do |server_type| context "as #{server_type} server" do - let(:expected_instances) { - if server_type == 'compile' - mi = 15 - elsif server_type == 'monolithic' - mi = 11 - else - mi = 4 - end + let(:expected_instances) do + mi = if server_type == 'compile' + 15 + elsif server_type == 'monolithic' + 11 + else + 4 + end mi - } - let(:params) {{ - :server_type => server_type, - }} + end + let(:params) do + { + server_type: server_type, + } + end it { expect(puppetserver_conf_hash['jruby-puppet']['max-active-instances']).to eq(expected_instances) } @@ -256,48 +273,52 @@ puppetserver_content.gsub!('%PUPPETSERVER_JAVA_TMPDIR_ROOT%', File.dirname(_server_datadir)) - is_expected.to contain_file('/etc/sysconfig/puppetserver').with( { - 'owner' => 'root', + is_expected.to contain_file('/etc/sysconfig/puppetserver').with({ + 'owner' => 'root', 'group' => 'puppet', 'mode' => '0640', 'content' => puppetserver_content - } ) + }) end it { is_expected.to create_class('pupmod::master::sysconfig') } - it { is_expected.to contain_file("#{File.dirname(_server_datadir)}/pserver_tmp").with( + it { + is_expected.to contain_file("#{File.dirname(_server_datadir)}/pserver_tmp").with( { 'owner' => 'puppet', 'group' => 'puppet', 'ensure' => 'directory', 'mode' => '0750' - } - )} + }, + ) + } end end end # Ensure users can still override to whatever ridiculous settings they want context 'crazy manual tuning overrides' do - let(:hieradata) { "sysconfig/PC1-tuning_overrides" } - let(:facts) { @extras.merge(os_facts).merge({ - :memorysize_mb => 32768, - :processorcount => 16, - :processors => { - :physicalcount => 4, - :count => 16, - :models => [ - "Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz", - "Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz", - "Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz", - "Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz" + let(:hieradata) { 'sysconfig/PC1-tuning_overrides' } + let(:facts) do + @extras.merge(os_facts).merge({ + memorysize_mb: 32_768, + processorcount: 16, + processors: { + physicalcount: 4, + count: 16, + models: [ + 'Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz', + 'Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz', + 'Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz', + 'Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz', ] }, - :puppetserver_jruby => { + puppetserver_jruby: { 'dir' => '/opt/puppetlabs/server/apps/puppetserver', - 'jarfiles' => ['x.jar','y.jar', 'jruby-9k.jar'] + 'jarfiles' => ['x.jar', 'y.jar', 'jruby-9k.jar'] } - })} + }) + end let(:puppetserver_conf) { '/etc/puppetlabs/puppetserver/conf.d/puppetserver.conf' } let(:puppetserver_conf_hash) { Hocon.parse(catalogue.resource("File[#{puppetserver_conf}]")['content']) } @@ -309,23 +330,25 @@ puppetserver_content.gsub!('%PUPPETSERVER_JAVA_TMPDIR_ROOT%', File.dirname(_server_datadir)) - is_expected.to contain_file('/etc/sysconfig/puppetserver').with( { - 'owner' => 'root', + is_expected.to contain_file('/etc/sysconfig/puppetserver').with({ + 'owner' => 'root', 'group' => 'puppet', 'mode' => '0640', 'content' => puppetserver_content - } ) + }) end it { is_expected.to create_class('pupmod::master::sysconfig') } - it { is_expected.to contain_file("#{File.dirname(_server_datadir)}/pserver_tmp").with( + it { + is_expected.to contain_file("#{File.dirname(_server_datadir)}/pserver_tmp").with( { 'owner' => 'puppet', 'group' => 'puppet', 'ensure' => 'directory', 'mode' => '0750' - } - )} + }, + ) + } end end end diff --git a/spec/classes/20_classes/init_spec.rb b/spec/classes/20_classes/init_spec.rb index 1bc1c8b6..03050024 100644 --- a/spec/classes/20_classes/init_spec.rb +++ b/spec/classes/20_classes/init_spec.rb @@ -1,6 +1,6 @@ require 'spec_helper' -audit_content = File.open("#{File.dirname(__FILE__)}/data/auditd.txt", "rb").read; +audit_content = File.open("#{File.dirname(__FILE__)}/data/auditd.txt", 'rb').read describe 'pupmod' do def mock_selinux_false_facts(os_facts) @@ -23,150 +23,185 @@ def mock_selinux_enforcing_facts(os_facts) end on_supported_os.each do |os, os_facts| - let(:node){ os_facts[:fqdn] } # sets trusted facts hash + let(:node) { os_facts[:fqdn] } # sets trusted facts hash before :all do - @extras = { :puppet_settings => { + @extras = { puppet_settings: { 'master' => { 'rest_authconfig' => '/etc/puppetlabs/puppet/authconf.conf' - }}} + } + } } end context "on #{os}" do - let(:facts){ + let(:facts) do os_facts = @extras.merge(os_facts) mock_selinux_enforcing_facts(os_facts) - } + end + [ 'PC1', - 'PE' + 'PE', ].each do |distribution| context "with server_distribution = #{distribution}" do - let(:params) {{ :server_distribution => distribution, :puppet_server => '1.2.3.4' }} - describe "with default parameters" do + let(:params) { { server_distribution: distribution, puppet_server: '1.2.3.4' } } + + describe 'with default parameters' do it { is_expected.to create_class('pupmod') } it { is_expected.to compile.with_all_deps } it { is_expected.not_to contain_class('haveged') } it { is_expected.to contain_package('puppet-agent').with_ensure('installed') } it { is_expected.to contain_class('pupmod::agent::cron') } - it { is_expected.to contain_service('puppet').with({ - 'ensure' => 'stopped', + it { + is_expected.to contain_service('puppet').with({ + 'ensure' => 'stopped', 'enable' => false, 'hasrestart' => true, 'hasstatus' => true, 'subscribe' => 'File[/etc/puppetlabs/puppet/puppet.conf]' - }) } - it { is_expected.to contain_pupmod__conf('agent_daemonize').with({ - 'section' => 'agent', + }) + } + it { + is_expected.to contain_pupmod__conf('agent_daemonize').with({ + 'section' => 'agent', 'setting' => 'daemonize', 'value' => 'false' - }) } + }) + } - it { is_expected.to contain_pupmod__conf('splay').with({ - 'setting' => 'splay', + it { + is_expected.to contain_pupmod__conf('splay').with({ + 'setting' => 'splay', 'value' => false - }) } + }) + } it { is_expected.not_to contain_pupmod__conf('splaylimit') } it { is_expected.not_to contain_pupmod__conf('environment') } - it { is_expected.to contain_pupmod__conf('syslogfacility').with({ - 'setting' => 'syslogfacility', + it { + is_expected.to contain_pupmod__conf('syslogfacility').with({ + 'setting' => 'syslogfacility', 'value' => 'local6' - }) } + }) + } - it { is_expected.to contain_pupmod__conf('srv_domain').with({ - 'setting' => 'srv_domain', + it { + is_expected.to contain_pupmod__conf('srv_domain').with({ + 'setting' => 'srv_domain', 'value' => facts[:domain] - }) } + }) + } - it { is_expected.to contain_pupmod__conf('certname').with({ - 'setting' => 'certname', + it { + is_expected.to contain_pupmod__conf('certname').with({ + 'setting' => 'certname', 'value' => facts[:fqdn] - }) } + }) + } - it { is_expected.to contain_pupmod__conf('vardir').with({ - 'setting' => 'vardir', + it { + is_expected.to contain_pupmod__conf('vardir').with({ + 'setting' => 'vardir', 'value' => '/opt/puppetlabs/puppet/cache', - }) } + }) + } - it { is_expected.to contain_pupmod__conf('classfile').with({ - 'setting' => 'classfile', + it { + is_expected.to contain_pupmod__conf('classfile').with({ + 'setting' => 'classfile', 'value' => '$vardir/classes.txt' - }) } + }) + } - it { is_expected.to contain_pupmod__conf('confdir').with({ - 'setting' => 'confdir', + it { + is_expected.to contain_pupmod__conf('confdir').with({ + 'setting' => 'confdir', 'value' => '/etc/puppetlabs/puppet' - }) } + }) + } - it { is_expected.to contain_pupmod__conf('logdir').with({ - 'setting' => 'logdir', + it { + is_expected.to contain_pupmod__conf('logdir').with({ + 'setting' => 'logdir', 'value' => '/var/log/puppetlabs/puppet' - }) } + }) + } - it { is_expected.to contain_pupmod__conf('rundir').with({ - 'setting' => 'rundir', + it { + is_expected.to contain_pupmod__conf('rundir').with({ + 'setting' => 'rundir', 'value' => '/var/run/puppetlabs' - }) } + }) + } - it { is_expected.to contain_pupmod__conf('runinterval').with({ - 'setting' => 'runinterval', + it { + is_expected.to contain_pupmod__conf('runinterval').with({ + 'setting' => 'runinterval', 'value' => 1800 - }) } + }) + } - it { is_expected.to contain_pupmod__conf('ssldir').with({ - 'setting' => 'ssldir', + it { + is_expected.to contain_pupmod__conf('ssldir').with({ + 'setting' => 'ssldir', 'value' => '/etc/puppetlabs/puppet/ssl' - }) } + }) + } - it { is_expected.to contain_pupmod__conf('stringify_facts').with({ - 'setting' => 'stringify_facts', + it { + is_expected.to contain_pupmod__conf('stringify_facts').with({ + 'setting' => 'stringify_facts', 'value' => false - }) } + }) + } - it { is_expected.to contain_pupmod__conf('digest_algorithm').with({ - 'setting' => 'digest_algorithm', + it { + is_expected.to contain_pupmod__conf('digest_algorithm').with({ + 'setting' => 'digest_algorithm', 'value' => 'sha256' - }) } - it { is_expected.to contain_ini_setting("pupmod_agent_daemonize") } + }) + } + it { is_expected.to contain_ini_setting('pupmod_agent_daemonize') } - it { is_expected.to contain_ini_setting("pupmod_splay") } + it { is_expected.to contain_ini_setting('pupmod_splay') } - it { is_expected.to contain_ini_setting("pupmod_syslogfacility") } + it { is_expected.to contain_ini_setting('pupmod_syslogfacility') } - it { is_expected.to contain_ini_setting("pupmod_srv_domain") } + it { is_expected.to contain_ini_setting('pupmod_srv_domain') } - it { is_expected.to contain_ini_setting("pupmod_certname") } + it { is_expected.to contain_ini_setting('pupmod_certname') } - it { is_expected.to contain_ini_setting("pupmod_vardir") } + it { is_expected.to contain_ini_setting('pupmod_vardir') } - it { is_expected.to contain_ini_setting("pupmod_classfile") } + it { is_expected.to contain_ini_setting('pupmod_classfile') } - it { is_expected.to contain_ini_setting("pupmod_confdir") } + it { is_expected.to contain_ini_setting('pupmod_confdir') } - it { is_expected.to contain_ini_setting("pupmod_logdir") } + it { is_expected.to contain_ini_setting('pupmod_logdir') } - it { is_expected.to_not contain_class('auditd') } - it { is_expected.to_not contain_auditd__rule('puppet_master').with_content(audit_content)} - it { is_expected.to contain_ini_setting("pupmod_rundir") } + it { is_expected.not_to contain_class('auditd') } + it { is_expected.not_to contain_auditd__rule('puppet_master').with_content(audit_content) } + it { is_expected.to contain_ini_setting('pupmod_rundir') } - it { is_expected.to contain_ini_setting("pupmod_runinterval") } + it { is_expected.to contain_ini_setting('pupmod_runinterval') } - it { is_expected.to contain_ini_setting("pupmod_ssldir") } + it { is_expected.to contain_ini_setting('pupmod_ssldir') } - it { is_expected.to contain_ini_setting("pupmod_stringify_facts") } + it { is_expected.to contain_ini_setting('pupmod_stringify_facts') } - it { is_expected.to contain_ini_setting("pupmod_digest_algorithm") } + it { is_expected.to contain_ini_setting('pupmod_digest_algorithm') } - it { is_expected.to_not contain_class('auditd') } - it { is_expected.to_not contain_auditd__add_rules('puppet_master').with_content(audit_content)} + it { is_expected.not_to contain_class('auditd') } + it { is_expected.not_to contain_auditd__add_rules('puppet_master').with_content(audit_content) } - it { is_expected.to contain_file('/etc/sysconfig/puppet').with({ - 'ensure' => 'file', + it { + is_expected.to contain_file('/etc/sysconfig/puppet').with({ + 'ensure' => 'file', 'owner' => 'root', 'group' => 'root', 'mode' => '0644', 'content' => "PUPPET_EXTRA_OPTS='--daemonize'\n" - }) } + }) + } it { is_expected.to contain_selboolean('puppetagent_manage_all_files') } it { is_expected.not_to contain_class('pupmod::facter::conf') } @@ -176,72 +211,86 @@ def mock_selinux_enforcing_facts(os_facts) } context 'with_selinux_disabled' do - let(:facts) { + let(:facts) do _facts = @extras.merge(os_facts) _facts = mock_selinux_false_facts(_facts) _facts - } + end it { is_expected.not_to contain_selboolean('puppetagent_manage_all_files') } end end - describe "with non-default parameters" do + describe 'with non-default parameters' do context 'with haveged => true' do - let(:params) {{ :haveged => true }} + let(:params) { { haveged: true } } + it { is_expected.to contain_class('haveged') } end context 'with enable_puppet_master => false' do - let(:params) {{ :enable_puppet_master => true, }} + let(:params) { { enable_puppet_master: true, } } + it { is_expected.to create_class('pupmod::master') } end context 'with daemonize enabled' do - let(:params) {{:daemonize => true}} + let(:params) { { daemonize: true } } + it { is_expected.to contain_class('pupmod::agent::cron') } - it { is_expected.to contain_service('puppet').with({ - 'ensure' => 'running', + it { + is_expected.to contain_service('puppet').with({ + 'ensure' => 'running', 'enable' => true, 'hasrestart' => true, 'hasstatus' => true, 'subscribe' => 'File[/etc/puppetlabs/puppet/puppet.conf]' - }) } + }) + } end context 'with non-empty splaylimit' do - let(:params) {{:splaylimit => 5}} - it { is_expected.to contain_pupmod__conf('splaylimit').with({ - 'setting' => 'splaylimit', + let(:params) { { splaylimit: 5 } } + + it { + is_expected.to contain_pupmod__conf('splaylimit').with({ + 'setting' => 'splaylimit', 'value' => 5 - }) } + }) + } - it { is_expected.to contain_ini_setting("pupmod_splaylimit") } + it { is_expected.to contain_ini_setting('pupmod_splaylimit') } end context 'with set_environment enabled ' do - let(:params) {{ :set_environment => true }} + let(:params) { { set_environment: true } } - it { is_expected.to contain_pupmod__conf('environment').with({ - 'section' => 'agent', + it { + is_expected.to contain_pupmod__conf('environment').with({ + 'section' => 'agent', 'setting' => 'environment', 'value' => 'rp_env' - }) } + }) + } - it { is_expected.to contain_pupmod__conf('remove environment from main').with({ - 'ensure' => 'absent', + it { + is_expected.to contain_pupmod__conf('remove environment from main').with({ + 'ensure' => 'absent', 'section' => 'main', 'setting' => 'environment' - }) } + }) + } context 'running from bolt' do - let(:environment) { 'bolt_catalog'} + let(:environment) { 'bolt_catalog' } + it { is_expected.not_to contain_pupmod__conf('environment') } end end context 'with manage_facter_conf => true' do - let(:params) {{ :manage_facter_conf => true }} + let(:params) { { manage_facter_conf: true } } + it { is_expected.to contain_class('pupmod::facter::conf') } end end diff --git a/spec/classes/20_classes/init_test_spec.rb b/spec/classes/20_classes/init_test_spec.rb index e57b5f54..6895aa28 100644 --- a/spec/classes/20_classes/init_test_spec.rb +++ b/spec/classes/20_classes/init_test_spec.rb @@ -1,24 +1,27 @@ require 'spec_helper' -audit_content = File.open("#{File.dirname(__FILE__)}/data/auditd.txt", "rb").read; +File.open("#{File.dirname(__FILE__)}/data/auditd.txt", 'rb').read describe 'pupmod' do on_supported_os.each do |os, os_facts| before :all do - @extras = { :puppet_settings => { + @extras = { puppet_settings: { 'master' => { 'rest_authconfig' => '/etc/puppetlabs/puppet/authconf.conf' - }}} + } + } } end context "on #{os}" do - let(:facts){ @extras.merge(os_facts) } + let(:facts) { @extras.merge(os_facts) } + [ 'PC1', - 'PE' + 'PE', ].each do |distribution| context "with server_distribution = #{distribution}" do - let(:params) {{ :server_distribution => distribution, :puppet_server => '1.2.3.4' }} - describe "with default parameters" do + let(:params) { { server_distribution: distribution, puppet_server: '1.2.3.4' } } + + describe 'with default parameters' do it { is_expected.to compile.with_all_deps } end end diff --git a/spec/classes/20_classes/master_spec.rb b/spec/classes/20_classes/master_spec.rb index 0e207e54..7aa5e0dd 100644 --- a/spec/classes/20_classes/master_spec.rb +++ b/spec/classes/20_classes/master_spec.rb @@ -1,13 +1,14 @@ require 'spec_helper' describe 'pupmod::master' do - audit_content = File.open("#{File.dirname(__FILE__)}/data/auditd.txt", "rb").read + audit_content = File.open("#{File.dirname(__FILE__)}/data/auditd.txt", 'rb').read before :all do - @extras = { :puppet_settings => { + @extras = { puppet_settings: { 'master' => { 'rest_authconfig' => '/etc/puppetlabs/puppet/authconf.conf' - }}} + } + } } end puppetserver_versions = ['7.12.0', '8.2.3'] @@ -18,19 +19,17 @@ puppetserver_versions.each do |puppetserver_version| context "on #{os} with puppet server #{puppetserver_version}" do - - let(:facts){ + let(:facts) do facts = @extras.merge(os_facts) facts[:simp_pupmod_serverversion] = puppetserver_version facts[:serverversion] = puppetserver_version facts - } - - describe "with default parameters" do + end + describe 'with default parameters' do let(:ca_cfg) { '/etc/puppetlabs/puppetserver/services.d/ca.cfg' } - let(:ca_cfg_lines) { catalogue.resource("File[#{ca_cfg}]")['content'].lines.map(&:strip).select{|l| l !~ /^\s*(#.+)?$/} } + let(:ca_cfg_lines) { catalogue.resource("File[#{ca_cfg}]")['content'].lines.map(&:strip).reject { |l| l =~ %r{^\s*(#.+)?$} } } it { is_expected.to compile.with_all_deps } @@ -39,47 +38,59 @@ it { is_expected.to create_class('pupmod::master::reports') } it { is_expected.to create_class('pupmod::master::base') } it { is_expected.to contain_class('pupmod::master::sysconfig').that_comes_before('Class[Pupmod::Master::Service]') } - it { is_expected.to contain_file('/etc/puppetlabs/puppetserver').with({ - 'ensure' => 'directory', + it { + is_expected.to contain_file('/etc/puppetlabs/puppetserver').with({ + 'ensure' => 'directory', 'owner' => 'root', 'group' => 'puppet', 'mode' => '0660' - }) } + }) + } - it { is_expected.to contain_file('/etc/puppetlabs/puppetserver/conf.d').with({ - 'ensure' => 'directory', + it { + is_expected.to contain_file('/etc/puppetlabs/puppetserver/conf.d').with({ + 'ensure' => 'directory', 'owner' => 'root', 'group' => 'puppet', 'mode' => '0640' - }) } + }) + } - it { is_expected.to contain_file('/etc/puppetlabs/puppet/ssl').with({ - 'ensure' => 'directory', + it { + is_expected.to contain_file('/etc/puppetlabs/puppet/ssl').with({ + 'ensure' => 'directory', 'owner' => 'puppet', 'group' => 'puppet' - }) } + }) + } - it { is_expected.to contain_file('/var/run/puppetlabs/puppetserver').with({ - 'ensure' => 'directory', + it { + is_expected.to contain_file('/var/run/puppetlabs/puppetserver').with({ + 'ensure' => 'directory', 'owner' => 'puppet', 'group' => 'puppet' - }) } + }) + } - it { is_expected.to contain_file('/etc/puppetlabs/code').with({ - 'ensure' => 'directory', + it { + is_expected.to contain_file('/etc/puppetlabs/code').with({ + 'ensure' => 'directory', 'owner' => 'root', 'group' => 'puppet', 'mode' => '0640' - }) } + }) + } - it { is_expected.to contain_file(ca_cfg).with({ - 'ensure' => 'file', + it { + is_expected.to contain_file(ca_cfg).with({ + 'ensure' => 'file', 'owner' => 'root', 'group' => 'puppet', 'mode' => '0640', 'require' => 'Class[Pupmod::Master::Install]', 'notify' => 'Class[Pupmod::Master::Service]' - }) } + }) + } it { is_expected.to contain_hocon_setting('puppetserver analytics') @@ -92,18 +103,23 @@ } if puppetserver_version >= '5.1.0' - it { expect(ca_cfg_lines).to eq ([ - 'puppetlabs.services.ca.certificate-authority-service/certificate-authority-service', - 'puppetlabs.trapperkeeper.services.watcher.filesystem-watch-service/filesystem-watch-service' - ]) } + it { + expect(ca_cfg_lines).to eq([ + 'puppetlabs.services.ca.certificate-authority-service/certificate-authority-service', + 'puppetlabs.trapperkeeper.services.watcher.filesystem-watch-service/filesystem-watch-service', + ]) + } else - it { expect(ca_cfg_lines).to eq ([ - 'puppetlabs.services.ca.certificate-authority-service/certificate-authority-service' - ]) } + it { + expect(ca_cfg_lines).to eq([ + 'puppetlabs.services.ca.certificate-authority-service/certificate-authority-service', + ]) + } end - it { is_expected.to contain_file('/etc/puppetlabs/puppetserver/logback.xml').with({ - 'ensure' => 'file', + it { + is_expected.to contain_file('/etc/puppetlabs/puppetserver/logback.xml').with({ + 'ensure' => 'file', 'owner' => 'root', 'group' => 'puppet', 'mode' => '0640', @@ -142,20 +158,23 @@ CONTENT - }) } + }) + } context 'when processing ca.conf' do let(:ca_conf) { '/etc/puppetlabs/puppetserver/conf.d/ca.conf' } let(:ca_conf_hash) { Hocon.parse(catalogue.resource("File[#{ca_conf}]")['content']) } - it { is_expected.to contain_file('/etc/puppetlabs/puppetserver/conf.d/ca.conf').with({ - 'ensure' => 'file', + it { + is_expected.to contain_file('/etc/puppetlabs/puppetserver/conf.d/ca.conf').with({ + 'ensure' => 'file', 'owner' => 'root', 'group' => 'puppet', 'mode' => '0640', 'require' => 'Class[Pupmod::Master::Install]', 'notify' => 'Class[Pupmod::Master::Service]' - }) } + }) + } it { expect(ca_conf_hash).to have_key('certificate-authority') } it { @@ -163,25 +182,27 @@ 'certificate-status' => { 'client-whitelist' => [facts[:fqdn]], 'authorization-required' => true - } + }, ) } end - it { is_expected.to_not contain_file('/etc/puppetlabs/puppetserver/conf.d/os-settings.conf') } + it { is_expected.not_to contain_file('/etc/puppetlabs/puppetserver/conf.d/os-settings.conf') } context 'when processing puppetserver.conf' do let(:puppetserver_conf) { '/etc/puppetlabs/puppetserver/conf.d/puppetserver.conf' } let(:puppetserver_conf_hash) { Hocon.parse(catalogue.resource("File[#{puppetserver_conf}]")['content']) } - it { is_expected.to contain_file(puppetserver_conf).with({ - 'ensure' => 'file', + it { + is_expected.to contain_file(puppetserver_conf).with({ + 'ensure' => 'file', 'owner' => 'root', 'group' => 'puppet', 'mode' => '0640', 'require' => 'Class[Pupmod::Master::Install]', 'notify' => 'Class[Pupmod::Master::Service]' - }) } + }) + } it { expect(puppetserver_conf_hash).to have_key('jruby-puppet') } @@ -195,8 +216,8 @@ 'master-log-dir' => '/var/log/puppetlabs/puppetserver', 'master-var-dir' => '/opt/puppetlabs/server/data/puppetserver', 'max-active-instances' => 1, - 'max-requests-per-instance' => 100000, - 'borrow-timeout' => 1200000, + 'max-requests-per-instance' => 100_000, + 'borrow-timeout' => 1_200_000, 'environment-class-cache-enabled' => true, 'compile-mode' => 'off', 'use-legacy-auth-conf' => false @@ -213,7 +234,7 @@ puppetserver_tgt_hash['gem-path'] = [ '/opt/puppetlabs/server/data/puppetserver/jruby-gems', '/opt/puppetlabs/server/data/puppetserver/vendored-jruby-gems', - '/opt/puppetlabs/puppet/lib/ruby/vendor_gems' + '/opt/puppetlabs/puppet/lib/ruby/vendor_gems', ] end @@ -224,22 +245,22 @@ it { expect(puppetserver_conf_hash['http-client']).to match( a_hash_including( - 'ssl-protocols' => [ 'TLSv1.2' ] - ) + 'ssl-protocols' => [ 'TLSv1.2' ], + ), ) } it { expect(puppetserver_conf_hash).to have_key('profiler') } it { expect(puppetserver_conf_hash['profiler']).to eq( - 'enabled' => false + 'enabled' => false, ) } it { expect(puppetserver_conf_hash).to have_key('puppet-admin') } it { expect(puppetserver_conf_hash['puppet-admin']).to eq( - 'client-whitelist' => [ facts[:fqdn] ] + 'client-whitelist' => [ facts[:fqdn] ], ) } end @@ -248,14 +269,16 @@ let(:web_routes_conf) { '/etc/puppetlabs/puppetserver/conf.d/web-routes.conf' } let(:web_routes_conf_hash) { Hocon.parse(catalogue.resource("File[#{web_routes_conf}]")['content']) } - it { is_expected.to contain_file(web_routes_conf).with({ - 'ensure' => 'file', + it { + is_expected.to contain_file(web_routes_conf).with({ + 'ensure' => 'file', 'owner' => 'root', 'group' => 'puppet', 'mode' => '0640', 'require' => 'Class[Pupmod::Master::Install]', 'notify' => 'Class[Pupmod::Master::Service]' - }) } + }) + } it { expect(web_routes_conf_hash).to have_key('web-router-service') } @@ -285,14 +308,16 @@ let(:webserver_conf) { '/etc/puppetlabs/puppetserver/conf.d/webserver.conf' } let(:webserver_conf_hash) { Hocon.parse(catalogue.resource("File[#{webserver_conf}]")['content']) } - it { is_expected.to contain_file(webserver_conf).with({ - 'ensure' => 'file', + it { + is_expected.to contain_file(webserver_conf).with({ + 'ensure' => 'file', 'owner' => 'root', 'group' => 'puppet', 'mode' => '0640', 'require' => 'Class[Pupmod::Master::Install]', 'notify' => 'Class[Pupmod::Master::Service]' - }) } + }) + } it { expect(webserver_conf_hash).to have_key('webserver') } it { @@ -309,9 +334,9 @@ 'ssl-port' => 8140, 'ssl-protocols' => 'TLSv1.2', 'default-server' => true - } + }, ), - 'ca' => a_hash_including( + 'ca' => a_hash_including( { 'access-log-config' => '/etc/puppetlabs/puppetserver/request-logging.xml', 'client-auth' => 'want', @@ -322,183 +347,204 @@ 'ssl-host' => '0.0.0.0', 'ssl-port' => 8141, 'ssl-protocols' => 'TLSv1.2', - } - ) + }, + ), ) } it { expect(webserver_conf_hash['webserver']['base']['cipher-suites']).to include('TLS_EMPTY_RENEGOTIATION_INFO_SCSV') } it { expect(webserver_conf_hash['webserver']['ca']['cipher-suites']).to include('TLS_EMPTY_RENEGOTIATION_INFO_SCSV') } context 'when setting the cipher suites' do - let(:params) {{ - :ssl_cipher_suites => ['TLS_RSA_WITH_AES_256_CBC_SHA256', 'TLS_RSA_WITH_AES_128_CBC_SHA256'] - }} + let(:params) do + { + ssl_cipher_suites: ['TLS_RSA_WITH_AES_256_CBC_SHA256', 'TLS_RSA_WITH_AES_128_CBC_SHA256'] + } + end it { expect(webserver_conf_hash['webserver']['base']['cipher-suites']).to eq(params[:ssl_cipher_suites].join(',')) } it { expect(webserver_conf_hash['webserver']['ca']['cipher-suites']).to eq(params[:ssl_cipher_suites].join(',')) } end context 'when setting aribtrary webserver options' do - let(:params) {{ - # Simple setting override - :server_webserver_options => { - 'port' => '1212' - }, + let(:params) do + { + # Simple setting override + server_webserver_options: { + 'port' => '1212' + }, # Complex setting - :ca_webserver_options => { + ca_webserver_options: { 'static-content' => '[{ resource: "./web-assets", path: "/assets" }]' } - }} + } + end it { expect(webserver_conf_hash['webserver']['base']['port']).to eq(1212) } it { expect(webserver_conf_hash['webserver']['ca']['static-content']).to eq([{ - 'resource' => './web-assets', - 'path' => '/assets' - }]) + 'resource' => './web-assets', + 'path' => '/assets' + }]) } end context 'when adding new webserver sections' do - let(:params) {{ - # Simple setting override - :extra_webserver_sections => { - 'bob' => { - 'port' => '1212', - 'static-content' => '[{ resource: "./web-assets", path: "/assets" }]' - }, - 'alice' => { - 'port' => '2345', - 'static-content' => '[{ resource: "./other-web-assets", path: "/other-assets" }]' + let(:params) do + { + # Simple setting override + extra_webserver_sections: { + 'bob' => { + 'port' => '1212', + 'static-content' => '[{ resource: "./web-assets", path: "/assets" }]' + }, + 'alice' => { + 'port' => '2345', + 'static-content' => '[{ resource: "./other-web-assets", path: "/other-assets" }]' + } } } - }} + end it { expect(webserver_conf_hash['webserver']['bob']['port']).to eq(1212) } it { expect(webserver_conf_hash['webserver']['bob']['static-content']).to eq([{ - 'resource' => './web-assets', + 'resource' => './web-assets', 'path' => '/assets' - }]) + }]) } it { expect(webserver_conf_hash['webserver']['alice']['port']).to eq(2345) } it { expect(webserver_conf_hash['webserver']['alice']['static-content']).to eq([{ - 'resource' => './other-web-assets', + 'resource' => './other-web-assets', 'path' => '/other-assets' - }]) + }]) } end end it 'handles `trusted_server_facts` correctly for the Puppet version' do - if (Puppet.version.split('.').first >= '5') + if Puppet.version.split('.').first >= '5' is_expected.to contain_pupmod__conf('trusted_server_facts').with({ - 'ensure' => 'absent' - }) + 'ensure' => 'absent' + }) else is_expected.to contain_pupmod__conf('trusted_server_facts').with({ - 'ensure' => 'present', + 'ensure' => 'present', 'setting' => 'trusted_server_facts', 'value' => true, 'notify' => 'Class[Pupmod::Master::Service]' - }) + }) end end - it { is_expected.to contain_pupmod__conf('master_environmentpath').with({ - 'section' => 'server', + it { + is_expected.to contain_pupmod__conf('master_environmentpath').with({ + 'section' => 'server', 'setting' => 'environmentpath', 'value' => '/etc/puppetlabs/code/environments', 'notify' => 'Class[Pupmod::Master::Service]' - }) } + }) + } - it { is_expected.to contain_pupmod__conf('master_daemonize').with({ - 'section' => 'server', + it { + is_expected.to contain_pupmod__conf('master_daemonize').with({ + 'section' => 'server', 'setting' => 'daemonize', 'value' => 'true', 'notify' => 'Class[Pupmod::Master::Service]' - }) } + }) + } - it { is_expected.to contain_pupmod__conf('master_masterport').with({ - 'section' => 'server', + it { + is_expected.to contain_pupmod__conf('master_masterport').with({ + 'section' => 'server', 'setting' => 'masterport', 'value' => 8140, 'notify' => 'Class[Pupmod::Master::Service]' - }) } + }) + } - if (Gem::Version.new(Puppet.version) >= Gem::Version.new('5.5.6')) + if Gem::Version.new(Puppet.version) >= Gem::Version.new('5.5.6') it 'ensures that "[master] ca" is absent when Puppet >= 5.5.6' do is_expected.to contain_pupmod__conf('master_ca').with_ensure('absent') end else it 'ensures that "[master] ca = true" is absent when Puppet < 5.5.6' do is_expected.to contain_pupmod__conf('master_ca').with({ - 'section' => 'server', + 'section' => 'server', 'setting' => 'ca', 'value' => true, 'notify' => 'Class[Pupmod::Master::Service]', - }) + }) end end - it { is_expected.to contain_pupmod__conf('master_ca_port').with({ - 'section' => 'server', + it { + is_expected.to contain_pupmod__conf('master_ca_port').with({ + 'section' => 'server', 'setting' => 'ca_port', 'value' => 8141, 'notify' => 'Class[Pupmod::Master::Service]' - }) } + }) + } - it { is_expected.to contain_pupmod__conf('ca_ttl').with({ - 'section' => 'server', + it { + is_expected.to contain_pupmod__conf('ca_ttl').with({ + 'section' => 'server', 'setting' => 'ca_ttl', 'value' => '10y', 'notify' => 'Class[Pupmod::Master::Service]' - }) } + }) + } # fips_enabled fact take precedence over hieradata use_fips - it { is_expected.to contain_pupmod__conf('keylength').with({ - 'section' => 'server', + it { + is_expected.to contain_pupmod__conf('keylength').with({ + 'section' => 'server', 'setting' => 'keylength', 'value' => 4096, 'notify' => 'Class[Pupmod::Master::Service]' - }) } + }) + } - it { is_expected.to contain_pupmod__conf('freeze_main').with({ - 'setting' => 'freeze_main', + it { + is_expected.to contain_pupmod__conf('freeze_main').with({ + 'setting' => 'freeze_main', 'value' => false, 'notify' => 'Class[Pupmod::Master::Service]' - }) } + }) + } - it { is_expected.to contain_pupmod__conf('strict_hostname_checking').with({ - 'setting' => 'strict_hostname_checking', + it { + is_expected.to contain_pupmod__conf('strict_hostname_checking').with({ + 'setting' => 'strict_hostname_checking', 'value' => true, 'notify' => 'Class[Pupmod::Master::Service]' - }) + }) } - it { is_expected.to contain_ini_setting("pupmod_master_environmentpath") } + it { is_expected.to contain_ini_setting('pupmod_master_environmentpath') } - it { is_expected.to contain_ini_setting("pupmod_master_daemonize") } + it { is_expected.to contain_ini_setting('pupmod_master_daemonize') } - it { is_expected.to contain_ini_setting("pupmod_master_masterport") } + it { is_expected.to contain_ini_setting('pupmod_master_masterport') } - it { is_expected.to contain_ini_setting("pupmod_master_ca") } + it { is_expected.to contain_ini_setting('pupmod_master_ca') } - it { is_expected.to contain_ini_setting("pupmod_master_ca_port") } + it { is_expected.to contain_ini_setting('pupmod_master_ca_port') } - it { is_expected.to contain_ini_setting("pupmod_ca_ttl") } + it { is_expected.to contain_ini_setting('pupmod_ca_ttl') } - it { is_expected.to contain_ini_setting("pupmod_keylength") } + it { is_expected.to contain_ini_setting('pupmod_keylength') } - it { is_expected.to contain_ini_setting("pupmod_freeze_main") } + it { is_expected.to contain_ini_setting('pupmod_freeze_main') } it { is_expected.not_to contain_class('iptables') } it { is_expected.not_to contain_iptables__listen__tcp_stateful('allow_puppet') } it { is_expected.not_to contain_iptables__listen__tcp_stateful('allow_puppetca') } end - describe "with non-default parameters" do + describe 'with non-default parameters' do context 'when server_distribution => PE' do let(:hieradata) { 'pe' } @@ -506,49 +552,55 @@ end context 'when server_distribution => PC1' do - let(:params) {{:server_distribution => 'PC1'}} + let(:params) { { server_distribution: 'PC1' } } it { is_expected.to contain_service('puppetserver') } it { is_expected.not_to contain_service('pe-puppetserver') } end context 'with enable_ca => false' do - let(:params) {{:enable_ca => false}} + let(:params) { { enable_ca: false } } context 'when processing web-routes.conf' do let(:web_routes_conf) { '/etc/puppetlabs/puppetserver/conf.d/web-routes.conf' } let(:web_routes_conf_hash) { Hocon.parse(catalogue.resource("File[#{web_routes_conf}]")['content']) } let(:ca_cfg) { '/etc/puppetlabs/puppetserver/services.d/ca.cfg' } - let(:ca_cfg_lines) { catalogue.resource("File[#{ca_cfg}]")['content'].lines.map(&:strip).select{|l| l !~ /^\s*(#.+)?$/} } + let(:ca_cfg_lines) { catalogue.resource("File[#{ca_cfg}]")['content'].lines.map(&:strip).reject { |l| l =~ %r{^\s*(#.+)?$} } } it { is_expected.to contain_file(web_routes_conf) } it { expect(web_routes_conf_hash). to have_key('web-router-service') } it { expect(web_routes_conf_hash['web-router-service']).to include( - 'puppetlabs.services.ca.certificate-authority-service/certificate-authority-service' => '/puppet-ca' + 'puppetlabs.services.ca.certificate-authority-service/certificate-authority-service' => '/puppet-ca', ) } - it { is_expected.to contain_file(ca_cfg).with({ - 'ensure' => 'file', + it { + is_expected.to contain_file(ca_cfg).with({ + 'ensure' => 'file', 'owner' => 'root', 'group' => 'puppet', 'mode' => '0640', 'require' => 'Class[Pupmod::Master::Install]', 'notify' => 'Class[Pupmod::Master::Service]' - }) } + }) + } - it { expect(ca_cfg_lines).to eq ([ - 'puppetlabs.services.ca.certificate-authority-disabled-service/certificate-authority-disabled-service' - ]) } + it { + expect(ca_cfg_lines).to eq([ + 'puppetlabs.services.ca.certificate-authority-disabled-service/certificate-authority-disabled-service', + ]) + } end end context 'with syslog => true and log_to_file => true' do - let(:params) {{:syslog => true, :log_to_file => true}} - it { is_expected.to contain_file('/etc/puppetlabs/puppetserver/logback.xml').with({ - 'ensure' => 'file', + let(:params) { { syslog: true, log_to_file: true } } + + it { + is_expected.to contain_file('/etc/puppetlabs/puppetserver/logback.xml').with({ + 'ensure' => 'file', 'owner' => 'root', 'group' => 'puppet', 'mode' => '0640', @@ -589,39 +641,44 @@ CONTENT - }) } + }) + } end context 'strict_hostname_checking = false' do - let(:params) {{ :strict_hostname_checking => false }} + let(:params) { { strict_hostname_checking: false } } it { is_expected.to contain_notify('CVE-2020-7942') } context 'cve_2020_7942_warning = false' do - let(:params) {{ - :strict_hostname_checking => false, - :cve_2020_7942_warning => false - }} + let(:params) do + { + strict_hostname_checking: false, + cve_2020_7942_warning: false + } + end it { is_expected.not_to contain_notify('CVE-2020-7942') } end end context 'with ca_allow_auth_extensions' do - let(:params) {{:ca_allow_auth_extensions => true}} + let(:params) { { ca_allow_auth_extensions: true } } context 'when processing ca.conf' do let(:ca_conf) { '/etc/puppetlabs/puppetserver/conf.d/ca.conf' } let(:ca_conf_hash) { Hocon.parse(catalogue.resource("File[#{ca_conf}]")['content']) } - it { is_expected.to contain_file('/etc/puppetlabs/puppetserver/conf.d/ca.conf').with({ - 'ensure' => 'file', + it { + is_expected.to contain_file('/etc/puppetlabs/puppetserver/conf.d/ca.conf').with({ + 'ensure' => 'file', 'owner' => 'root', 'group' => 'puppet', 'mode' => '0640', 'require' => 'Class[Pupmod::Master::Install]', 'notify' => 'Class[Pupmod::Master::Service]' - }) } + }) + } it { expect(ca_conf_hash).to have_key('certificate-authority') } it { expect(ca_conf_hash['certificate-authority']).to have_key('allow-authorization-extensions') } @@ -632,20 +689,22 @@ end context 'with ca_allow_alt_names' do - let(:params) {{:ca_allow_alt_names => true}} + let(:params) { { ca_allow_alt_names: true } } context 'when processing ca.conf' do let(:ca_conf) { '/etc/puppetlabs/puppetserver/conf.d/ca.conf' } let(:ca_conf_hash) { Hocon.parse(catalogue.resource("File[#{ca_conf}]")['content']) } - it { is_expected.to contain_file('/etc/puppetlabs/puppetserver/conf.d/ca.conf').with({ - 'ensure' => 'file', + it { + is_expected.to contain_file('/etc/puppetlabs/puppetserver/conf.d/ca.conf').with({ + 'ensure' => 'file', 'owner' => 'root', 'group' => 'puppet', 'mode' => '0640', 'require' => 'Class[Pupmod::Master::Install]', 'notify' => 'Class[Pupmod::Master::Service]' - }) } + }) + } it { expect(ca_conf_hash).to have_key('certificate-authority') } it { expect(ca_conf_hash['certificate-authority']).to have_key('allow-subject-alt-names') } @@ -656,62 +715,69 @@ end context 'with multiple entries in ca_status_whitelist' do - let(:params) {{:ca_status_whitelist => ['1.2.3.4', '5.6.7.8']}} + let(:params) { { ca_status_whitelist: ['1.2.3.4', '5.6.7.8'] } } context 'when processing ca.conf' do let(:ca_conf) { '/etc/puppetlabs/puppetserver/conf.d/ca.conf' } let(:ca_conf_hash) { Hocon.parse(catalogue.resource("File[#{ca_conf}]")['content']) } - it { is_expected.to contain_file('/etc/puppetlabs/puppetserver/conf.d/ca.conf').with({ - 'ensure' => 'file', + it { + is_expected.to contain_file('/etc/puppetlabs/puppetserver/conf.d/ca.conf').with({ + 'ensure' => 'file', 'owner' => 'root', 'group' => 'puppet', 'mode' => '0640', 'require' => 'Class[Pupmod::Master::Install]', 'notify' => 'Class[Pupmod::Master::Service]' - }) } + }) + } it { expect(ca_conf_hash).to have_key('certificate-authority') } it { expect(ca_conf_hash['certificate-authority']).to have_key('certificate-status') } it { expect(ca_conf_hash['certificate-authority']['certificate-status']).to include( 'client-whitelist' => params[:ca_status_whitelist], - 'authorization-required' => true + 'authorization-required' => true, ) } end end context 'with non-empty ruby_load_path' do - let(:params) {{:ruby_load_path => '/some/ruby/path'}} - context 'when processing os-settings.conf' do - let(:os_settings_conf) { '/etc/puppetlabs/puppetserver/conf.d/os-settings.conf' } - let(:os_settings_conf_hash) { Hocon.parse(catalogue.resource("File[#{os_settings_conf}]")['content']) } + let(:params) { { ruby_load_path: '/some/ruby/path' } } - it { is_expected.to contain_file(os_settings_conf).with({ - 'ensure' => 'file', - 'owner' => 'root', - 'group' => 'puppet', - 'mode' => '0640', - 'require' => 'Class[Pupmod::Master::Install]', - 'notify' => 'Class[Pupmod::Master::Service]' - }) } + context 'when processing os-settings.conf' do + let(:os_settings_conf) { '/etc/puppetlabs/puppetserver/conf.d/os-settings.conf' } + let(:os_settings_conf_hash) { Hocon.parse(catalogue.resource("File[#{os_settings_conf}]")['content']) } + + it { + is_expected.to contain_file(os_settings_conf).with({ + 'ensure' => 'file', + 'owner' => 'root', + 'group' => 'puppet', + 'mode' => '0640', + 'require' => 'Class[Pupmod::Master::Install]', + 'notify' => 'Class[Pupmod::Master::Service]' + }) + } it { expect(os_settings_conf_hash).to have_key('os-settings') } it { expect(os_settings_conf_hash['os-settings']).to include( - 'ruby-load-path' => [params[:ruby_load_path]].flatten + 'ruby-load-path' => [params[:ruby_load_path]].flatten, ) } - end + end end context 'with empty ssl_protocols, non-empty ssl_cipher_suites, and multiple admin_api_whitelist entries' do - let(:params) {{ - :ssl_protocols => [], - :ssl_cipher_suites => ['TLS_RSA_WITH_AES_256_CBC_SHA256', 'TLS_RSA_WITH_AES_128_CBC_SHA256'], - :admin_api_whitelist => ['foo.example.com', 'bar.example.com'] - }} + let(:params) do + { + ssl_protocols: [], + ssl_cipher_suites: ['TLS_RSA_WITH_AES_256_CBC_SHA256', 'TLS_RSA_WITH_AES_128_CBC_SHA256'], + admin_api_whitelist: ['foo.example.com', 'bar.example.com'] + } + end context 'when processing puppetserver.conf' do let(:puppetserver_conf) { '/etc/puppetlabs/puppetserver/conf.d/puppetserver.conf' } @@ -720,27 +786,29 @@ it { is_expected.to contain_file(puppetserver_conf) } it { expect(puppetserver_conf_hash).to have_key('http-client') } - it { expect(puppetserver_conf_hash['http-client']).to_not have_key('ssl-protocols') } + it { expect(puppetserver_conf_hash['http-client']).not_to have_key('ssl-protocols') } it { expect(puppetserver_conf_hash['http-client']).to include( - 'cipher-suites' => params[:ssl_cipher_suites] + 'cipher-suites' => params[:ssl_cipher_suites], ) } it { expect(puppetserver_conf_hash).to have_key('puppet-admin') } it { expect(puppetserver_conf_hash['puppet-admin']).to include( - 'client-whitelist' => params[:admin_api_whitelist] + 'client-whitelist' => params[:admin_api_whitelist], ) } end end context 'when admin_api_mountpoints does not begin with / and enable_ca => false' do - let(:params) {{ - :admin_api_mountpoint => 'admin_mount_point', - :enable_ca => false - }} + let(:params) do + { + admin_api_mountpoint: 'admin_mount_point', + enable_ca: false + } + end context 'when processing web-routes.conf' do let(:web_routes_conf) { '/etc/puppetlabs/puppetserver/conf.d/web-routes.conf' } @@ -752,18 +820,19 @@ it { expect(web_routes_conf_hash['web-router-service']).to include( 'puppetlabs.services.puppet-admin.puppet-admin-service/puppet-admin-service' => '/' + params[:admin_api_mountpoint], - 'puppetlabs.services.ca.certificate-authority-service/certificate-authority-service' => '/puppet-ca' + 'puppetlabs.services.ca.certificate-authority-service/certificate-authority-service' => '/puppet-ca', ) } end end context 'ca_port == masterport' do - let(:params) {{ - :ca_port => 12345, - :masterport => 12345 - - }} + let(:params) do + { + ca_port: 12_345, + masterport: 12_345 + } + end context 'when processing web-routes.conf' do let(:web_routes_conf) { '/etc/puppetlabs/puppetserver/conf.d/web-routes.conf' } @@ -774,14 +843,14 @@ it { expect(web_routes_conf_hash).to have_key('web-router-service') } it { expect(web_routes_conf_hash['web-router-service']).to include( - 'puppetlabs.services.ca.certificate-authority-service/certificate-authority-service' => '/puppet-ca' + 'puppetlabs.services.ca.certificate-authority-service/certificate-authority-service' => '/puppet-ca', ) } end end context 'when enable_master =>false' do - let(:params) {{ :enable_master => false }} + let(:params) { { enable_master: false } } context 'when processing webserver.conf' do let(:webserver_conf) { '/etc/puppetlabs/puppetserver/conf.d/web-routes.conf' } @@ -789,44 +858,49 @@ it { is_expected.to contain_file(webserver_conf) } - it { expect(webserver_conf_hash).to_not have_key('base') } + it { expect(webserver_conf_hash).not_to have_key('base') } end - it { is_expected.to_not contain_iptables__listen__tcp_stateful('allow_puppet') } + it { is_expected.not_to contain_iptables__listen__tcp_stateful('allow_puppet') } end context 'when firewall => true' do - let(:params) {{ :firewall => true }} + let(:params) { { firewall: true } } + it { is_expected.to contain_class('iptables') } it { is_expected.to contain_iptables__listen__tcp_stateful('allow_puppet').with({ - 'order' => '11', - 'trusted_nets' => ['127.0.0.1','::1'], + 'order' => '11', + 'trusted_nets' => ['127.0.0.1', '::1'], 'dports' => 8140 - }) } + }) + } it { is_expected.to contain_iptables__listen__tcp_stateful('allow_puppetca').with({ - 'order' => '11', - 'trusted_nets' => ['127.0.0.1','::1'], + 'order' => '11', + 'trusted_nets' => ['127.0.0.1', '::1'], 'dports' => 8141 - }) } + }) + } end context 'with auditd => false' do - let(:params) {{:auditd => false}} - it { is_expected.to_not contain_class('auditd') } - it { is_expected.to_not contain_auditd__rule('puppet_master').with_content(audit_content)} + let(:params) { { auditd: false } } + + it { is_expected.not_to contain_class('auditd') } + it { is_expected.not_to contain_auditd__rule('puppet_master').with_content(audit_content) } end context 'with auditd => true' do - let(:params) {{:auditd => true}} + let(:params) { { auditd: true } } + it { is_expected.to contain_class('auditd') } - it { is_expected.to contain_auditd__rule('puppet_master').with_content(audit_content)} + it { is_expected.to contain_auditd__rule('puppet_master').with_content(audit_content) } end context 'when autosigning' do autosign_hosts = ['foo.bar', '*.baz'] - let(:params) {{ :autosign_hosts => autosign_hosts }} + let(:params) { { autosign_hosts: autosign_hosts } } autosign_hosts.each do |autosign_host| it { is_expected.to contain_pupmod__master__autosign(autosign_host) } diff --git a/spec/defines/conf_spec.rb b/spec/defines/conf_spec.rb index b65dc74c..33a0a899 100644 --- a/spec/defines/conf_spec.rb +++ b/spec/defines/conf_spec.rb @@ -14,9 +14,9 @@ context 'with basic settings' do let(:params) do { - :setting => 'test', - :value => 20, - :confdir => '/whatever' + setting: 'test', + value: 20, + confdir: '/whatever' } end @@ -32,9 +32,9 @@ context 'with a setting of "environment"' do let(:params) do { - :setting => 'environment', - :value => 'foobar', - :confdir => '/whatever' + setting: 'environment', + value: 'foobar', + confdir: '/whatever' } end @@ -50,10 +50,10 @@ context 'with a section of "master"' do let(:params) do { - :setting => 'foo', - :section => 'master', - :value => 'foobar', - :confdir => '/whatever' + setting: 'foo', + section: 'master', + value: 'foobar', + confdir: '/whatever' } end diff --git a/spec/defines/master/autosign_spec.rb b/spec/defines/master/autosign_spec.rb index 561780f2..4ea3d30f 100644 --- a/spec/defines/master/autosign_spec.rb +++ b/spec/defines/master/autosign_spec.rb @@ -3,7 +3,7 @@ describe 'pupmod::master::autosign' do on_supported_os.each do |os, facts| context "on #{os}" do - let(:facts) {facts} + let(:facts) { facts } let(:title) { '*.foo.bar' } @@ -11,7 +11,7 @@ context 'with different title' do let(:title) { 'autosign_test' } - let(:params) {{ :entry => 'foo.bar' }} + let(:params) { { entry: 'foo.bar' } } it { is_expected.to contain_concat__fragment("pupmod::master::autosign #{title}").with_content("# #{title}\n#{params[:entry]}\n") } end diff --git a/spec/defines/master/fileserver_entry_spec.rb b/spec/defines/master/fileserver_entry_spec.rb index 02582d8c..1cda51a8 100644 --- a/spec/defines/master/fileserver_entry_spec.rb +++ b/spec/defines/master/fileserver_entry_spec.rb @@ -12,15 +12,21 @@ _facts end - let(:params) {{ - :path => '/good/path', - :allow => ['foo.bar.baz'] - }} - it { is_expected.to ( + let(:params) do + { + path: '/good/path', + allow: ['foo.bar.baz'] + } + end + + it { + is_expected.to( contain_concat_fragment("pupmod::master::fileserver_entry #{title}") .with_content( - %r|\[fileserver_entry_test\]\n\s*path /good/path\n\sallow foo.bar.baz\n*| - ))} + %r{\[fileserver_entry_test\]\n\s*path /good/path\n\sallow foo.bar.baz\n*}, + ), + ) + } end context 'puppetserver 5.0.0' do @@ -30,15 +36,21 @@ _facts end - let(:params) {{ - :path => '/good/path', - :allow => ['foo.bar.baz'] - }} - it { is_expected.to ( + let(:params) do + { + path: '/good/path', + allow: ['foo.bar.baz'] + } + end + + it { + is_expected.to( contain_concat_fragment("pupmod::master::fileserver_entry #{title}") .with_content( - %r|\[fileserver_entry_test\]\n\s*path /good/path| - ))} + %r{\[fileserver_entry_test\]\n\s*path /good/path}, + ), + ) + } end end end diff --git a/spec/defines/pass_two_spec.rb b/spec/defines/pass_two_spec.rb index 79a5b188..bd460b3d 100644 --- a/spec/defines/pass_two_spec.rb +++ b/spec/defines/pass_two_spec.rb @@ -9,61 +9,68 @@ facts end - let(:assert_private_shim) { <<-EOM + let(:assert_private_shim) do + <<-EOM function assert_private { true } EOM - } + end let(:pre_condition) { assert_private_shim } [ 'PC1', - 'PE' + 'PE', ].each do |distribution| context "with server_distribution = #{distribution}" do [ false, - true + true, ].each do |pe_included| context "with puppet_enterprise in the catalog is #{pe_included}" do - if (pe_included == true) - let(:pre_condition) {<<-EOM + if pe_included == true + let(:pre_condition) do + <<-EOM #{assert_private_shim} include ::puppet_enterprise EOM - } + end end - if (pe_included == true or distribution == 'PE') - $pe_mode = true - else - $pe_mode = false + $pe_mode = if (pe_included == true) || (distribution == 'PE') + true + else + false + end + let(:title) { 'main' } + let(:params) do + { + server_distribution: distribution + } end - let(:title) { "main" } - + { 'server_list' => ['11.22.33.44', '5.6.7.8'], 'server' => '11.22.33.44' }.each do |key, data| context "with pupmod_server as #{data}" do if $pe_mode - it { is_expected.to_not contain_ini_setting("pupmod_#{key}") } + it { is_expected.not_to contain_ini_setting("pupmod_#{key}") } else - let(:title) { "main" } - let(:params) { + let(:title) { 'main' } + let(:params) do { - :server_distribution => distribution, - :pupmod_server => data + server_distribution: distribution, + pupmod_server: data } - } - if (key == 'server_list') + end + if key == 'server_list' it { - is_expected.to contain_pupmod__conf(key).with( - { - 'ensure' => 'present', - 'setting' => key, - 'value' => data.join(',') - } - ) + is_expected.to contain_pupmod__conf(key).with( + { + 'ensure' => 'present', + 'setting' => key, + 'value' => data.join(',') + }, + ) } it { is_expected.to contain_pupmod__conf('server').with( @@ -71,7 +78,7 @@ 'ensure' => 'absent', 'setting' => 'server', 'value' => '' - } + }, ) } else @@ -81,7 +88,7 @@ 'ensure' => 'present', 'setting' => key, 'value' => data - } + }, ) } it { @@ -90,7 +97,7 @@ 'ensure' => 'absent', 'setting' => 'server_list', 'value' => '' - } + }, ) } end @@ -98,12 +105,6 @@ end end - let(:params) { - { - :server_distribution => distribution - } - } - { 'ca_server' => { 'value' => '$server' @@ -120,121 +121,121 @@ } }.each do |key, value| if $pe_mode - it { is_expected.to_not contain_ini_setting("pupmod_#{key}") } + it { is_expected.not_to contain_ini_setting("pupmod_#{key}") } else it { is_expected.to contain_pupmod__conf(key).with( { 'setting' => key - }.merge(value) + }.merge(value), ) } it { is_expected.to contain_ini_setting("pupmod_#{key}") } end end - unless $pe_mode - mode = '0640' - group = 'puppet' - else + if $pe_mode mode = nil group = nil + else + mode = '0640' + group = 'puppet' end - it { is_expected.to contain_file('/etc/puppetlabs/puppet').with({ - 'ensure' => 'directory', + it { + is_expected.to contain_file('/etc/puppetlabs/puppet').with({ + 'ensure' => 'directory', 'owner' => 'root', 'group' => 'puppet', 'mode' => mode, - }) } - it { is_expected.to contain_file('/etc/puppetlabs/puppet/puppet.conf').with({ - 'ensure' => 'file', + }) + } + it { + is_expected.to contain_file('/etc/puppetlabs/puppet/puppet.conf').with({ + 'ensure' => 'file', 'owner' => 'root', 'group' => group, 'mode' => mode - }) } - it { is_expected.to contain_group('puppet').with({ - 'ensure' => 'present', - 'allowdupe' => false, - 'tag' => 'firstrun', - }) } + }) + } + it { + is_expected.to contain_group('puppet').with({ + 'ensure' => 'present', + 'allowdupe' => false, + 'tag' => 'firstrun', + }) + } if $pe_mode - classlist = data['pupmod::pe_classlist']; + classlist = data['pupmod::pe_classlist'] classlist.each do |key, value| - unless (key == 'pupmod' or key == 'pupmod::master') - context "when #{key} is included in the catalog" do - let(:pre_condition) { - if (key == 'puppet_enterprise::profile::master') - ret = %{ - #{assert_private_shim} - include puppet_enterprise - class { 'pupmod': - mock => true - } - include #{key} + next if ['pupmod', 'pupmod::master'].include?(key) + context "when #{key} is included in the catalog" do + let(:pre_condition) do + ret = if key == 'puppet_enterprise::profile::master' + %( + #{assert_private_shim} + include puppet_enterprise + class { 'pupmod': + mock => true } - else - ret = %{ - #{assert_private_shim} - include puppet_enterprise - include #{key} - } - end + include #{key} + ) + else + %( + #{assert_private_shim} + include puppet_enterprise + include #{key} + ) + end - if defined?(data) - _services = [] - data['pupmod::pe_classlist'].each_pair { |k,v| - _services += v['services'] if v['services'] - } + if defined?(data) + _services = [] + data['pupmod::pe_classlist'].each_pair do |_k, v| + _services += v['services'] if v['services'] + end - _services.uniq.each do |_service| - ret << %{\nensure_resource('service', '#{_service}')} - end + _services.uniq.each do |_service| + ret << %{\nensure_resource('service', '#{_service}')} end + end - ret - } + ret + end - users = value['users'] - unless (users == nil) - users.each do |user| - it "should contain Group[puppet] with user #{user} in the members array" do - members = catalogue.resource('group', 'puppet').send(:parameters)[:members] - expect(members.find { |x| x =~ Regexp.new("#{user}")}).to be_truthy - end - end + users = value['users'] + users&.each do |user| + it "contains Group[puppet] with user #{user} in the members array" do + members = catalogue.resource('group', 'puppet').send(:parameters)[:members] + expect(members.find { |x| x =~ Regexp.new(user.to_s) }).to be_truthy end + end - services = value['services'] - unless (services == nil) - services.each do |service| - it "should contain Group[puppet] that notifies Service[#{service}]" do - notify = catalogue.resource('group', 'puppet').send(:parameters)[:notify] - regex = Regexp.new("#{service}") - expect(notify.find { |x| x.to_s =~ Regexp.new(regex)}).to be_truthy - end - end + services = value['services'] + services&.each do |service| + it "contains Group[puppet] that notifies Service[#{service}]" do + notify = catalogue.resource('group', 'puppet').send(:parameters)[:notify] + regex = Regexp.new(service.to_s) + expect(notify.find { |x| x.to_s =~ Regexp.new(regex) }).to be_truthy end + end - firewall = value['firewall_rules'] - unless (firewall == nil) - firewall.each do |rule| - let(:params) { - { - 'firewall' => true - } - } - it { is_expected.to contain_iptables__listen__tcp_stateful("#{key} - #{rule['proto']} - #{rule['port']}").with({ 'dports' => rule['port']})} - end + firewall = value['firewall_rules'] + firewall&.each do |rule| + let(:params) do + { + 'firewall' => true + } end + it { is_expected.to contain_iptables__listen__tcp_stateful("#{key} - #{rule['proto']} - #{rule['port']}").with({ 'dports' => rule['port'] }) } end end end end if $pe_mode - context "with pupmod::master defined" do - let(:pre_condition) {<<-EOM + context 'with pupmod::master defined' do + let(:pre_condition) do + <<-EOM #{assert_private_shim} include ::puppet_enterprise include ::puppet_enterprise::profile::master @@ -243,12 +244,15 @@ class { "::pupmod": } include pupmod::master EOM - } - it { is_expected.to compile.and_raise_error(/.*pupmod::master is NOT supported on PE masters. Please remove the pupmod::master classification from hiera or the puppet console before proceeding.*/) } + end + it { + is_expected.to compile.and_raise_error(%r{.*pupmod::master is NOT supported on PE masters. Please remove the pupmod::master classification from hiera or the puppet console before proceeding.*}) + } end - context "with pupmod::master not defined" do - let(:pre_condition) {<<-EOM + context 'with pupmod::master not defined' do + let(:pre_condition) do + <<-EOM #{assert_private_shim} include ::puppet_enterprise include ::puppet_enterprise::profile::master @@ -256,34 +260,36 @@ class { "::pupmod": mock => true } EOM - } + end + it { is_expected.to compile } - it { is_expected.to contain_class("pupmod::master::sysconfig")} + it { is_expected.to contain_class('pupmod::master::sysconfig') } { - "2015.1.1" => true, - "2015.20.1" => true, - "2016.1.0" => true, - "2016.2.0" => true, - "2016.4.0" => false, - "2016.4.1" => false, - "2016.5.1" => false, - "2017.1.0" => false, - "2017.20.1" => false, - "2018.1.0" => false, - "2020.1.0" => false, - "2021.1.0" => false, + '2015.1.1' => true, + '2015.20.1' => true, + '2016.1.0' => true, + '2016.2.0' => true, + '2016.4.0' => false, + '2016.4.1' => false, + '2016.5.1' => false, + '2017.1.0' => false, + '2017.20.1' => false, + '2018.1.0' => false, + '2020.1.0' => false, + '2021.1.0' => false, }.each do |pe_version, tmpdir| - it { is_expected.to contain_file("#{File.dirname(facts[:puppet_settings][:master][:server_datadir])}/pserver_tmp")} + it { is_expected.to contain_file("#{File.dirname(facts[:puppet_settings][:master][:server_datadir])}/pserver_tmp") } context "when pe_version == #{pe_version}" do - let (:facts) do - { "pe_build" => pe_version }.merge(facts) + let(:facts) do + { 'pe_build' => pe_version }.merge(facts) end + ['JAVA_ARGS', 'JAVA_ARGS_CLI'].each do |setting| - if (tmpdir == true) - it { is_expected.to contain_pe_ini_subsetting("pupmod::master::sysconfig::javatempdir for #{setting}")} + if tmpdir == true + it { is_expected.to contain_pe_ini_subsetting("pupmod::master::sysconfig::javatempdir for #{setting}") } else - it { is_expected.to_not contain_pe_ini_subsetting("pupmod::master::sysconfig::javatempdir for #{setting}")} + it { is_expected.not_to contain_pe_ini_subsetting("pupmod::master::sysconfig::javatempdir for #{setting}") } end end end diff --git a/spec/functions/max_active_instances_spec.rb b/spec/functions/max_active_instances_spec.rb index 218dacca..e9e64dc7 100644 --- a/spec/functions/max_active_instances_spec.rb +++ b/spec/functions/max_active_instances_spec.rb @@ -1,125 +1,134 @@ require 'spec_helper' describe 'pupmod::max_active_instances' do - on_supported_os.each do |os, os_facts| - context "on #{os}" do - context 'with os defaults' do - let(:facts) { os_facts } - it { is_expected.to run } - end + on_supported_os.each do |os, os_facts| + context "on #{os}" do + context 'with os defaults' do + let(:facts) { os_facts } - context '4C and 8GB' do - let(:facts) { os_facts.merge({ - :memorysize_mb => 8192, - :processorcount => 4, - :processors => { - :physicalcount => 1, - :count => 4, - :models => [ - "Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz", - "Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz", - "Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz", - "Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz" - ] - } - })} + it { is_expected.to run } + end - it { is_expected.to run.and_return(2) } - it { is_expected.to run.with_params('primary').and_return(2) } - it { is_expected.to run.with_params('compile').and_return(3) } - end + context '4C and 8GB' do + let(:facts) do + os_facts.merge({ + memorysize_mb: 8192, + processorcount: 4, + processors: { + physicalcount: 1, + count: 4, + models: [ + 'Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz', + 'Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz', + 'Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz', + 'Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz', + ] + } + }) + end - context '8C and 16GB' do - let(:facts) { os_facts.merge({ - :memorysize_mb => 16384, - :processorcount => 8, - :processors => { - :physicalcount => 2, - :count => 8, - :models => [ - "Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz", - "Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz", - "Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz", - "Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz", - "Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz", - "Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz", - "Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz", - "Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz" - ] - } - })} + it { is_expected.to run.and_return(2) } + it { is_expected.to run.with_params('primary').and_return(2) } + it { is_expected.to run.with_params('compile').and_return(3) } + end - it { is_expected.to run.and_return(5) } - it { is_expected.to run.with_params('primary').and_return(2) } - it { is_expected.to run.with_params('compile').and_return(7) } - end + context '8C and 16GB' do + let(:facts) do + os_facts.merge({ + memorysize_mb: 16_384, + processorcount: 8, + processors: { + physicalcount: 2, + count: 8, + models: [ + 'Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz', + 'Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz', + 'Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz', + 'Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz', + 'Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz', + 'Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz', + 'Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz', + 'Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz', + ] + } + }) + end - context '16C and 32GB' do - let(:facts) { os_facts.merge({ - :memorysize_mb => 32768, - :processorcount => 16, - :processors => { - :physicalcount => 4, - :count => 16, - :models => [ - "Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz", - "Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz", - "Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz", - "Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz", - "Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz", - "Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz", - "Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz", - "Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz", - "Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz", - "Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz", - "Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz", - "Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz", - "Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz", - "Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz", - "Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz", - "Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz" - ] - } - })} + it { is_expected.to run.and_return(5) } + it { is_expected.to run.with_params('primary').and_return(2) } + it { is_expected.to run.with_params('compile').and_return(7) } + end - it { is_expected.to run.and_return(11) } - it { is_expected.to run.with_params('primary').and_return(4) } - it { is_expected.to run.with_params('compile').and_return(15) } - end + context '16C and 32GB' do + let(:facts) do + os_facts.merge({ + memorysize_mb: 32_768, + processorcount: 16, + processors: { + physicalcount: 4, + count: 16, + models: [ + 'Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz', + 'Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz', + 'Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz', + 'Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz', + 'Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz', + 'Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz', + 'Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz', + 'Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz', + 'Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz', + 'Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz', + 'Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz', + 'Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz', + 'Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz', + 'Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz', + 'Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz', + 'Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz', + ] + } + }) + end - # Test memory limited - context '16C and 4GB' do - let(:facts) { os_facts.merge({ - :memorysize_mb => 4096, - :processorcount => 16, - :processors => { - :physicalcount => 4, - :count => 16, - :models => [ - "Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz", - "Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz", - "Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz", - "Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz", - "Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz", - "Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz", - "Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz", - "Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz", - "Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz", - "Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz", - "Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz", - "Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz", - "Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz", - "Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz", - "Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz", - "Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz" - ] - } - })} + it { is_expected.to run.and_return(11) } + it { is_expected.to run.with_params('primary').and_return(4) } + it { is_expected.to run.with_params('compile').and_return(15) } + end - it { is_expected.to run.and_return(3) } - it { is_expected.to run.with_params('primary').and_return(3) } - it { is_expected.to run.with_params('compile').and_return(3) } - end + # Test memory limited + context '16C and 4GB' do + let(:facts) do + os_facts.merge({ + memorysize_mb: 4096, + processorcount: 16, + processors: { + physicalcount: 4, + count: 16, + models: [ + 'Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz', + 'Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz', + 'Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz', + 'Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz', + 'Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz', + 'Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz', + 'Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz', + 'Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz', + 'Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz', + 'Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz', + 'Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz', + 'Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz', + 'Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz', + 'Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz', + 'Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz', + 'Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz', + ] + } + }) end + + it { is_expected.to run.and_return(3) } + it { is_expected.to run.with_params('primary').and_return(3) } + it { is_expected.to run.with_params('compile').and_return(3) } + end end + end end diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb index ef4fe640..acc4013b 100644 --- a/spec/spec_helper.rb +++ b/spec/spec_helper.rb @@ -1,4 +1,5 @@ # frozen_string_literal: true + # # ------------------------------------------------------------------------------ # NOTICE: **This file is maintained with puppetsync** @@ -90,7 +91,7 @@ def set_hieradata(hieradata) # If nothing else... c.default_facts = { production: { - #:fqdn => 'production.rspec.test.localdomain', + # :fqdn => 'production.rspec.test.localdomain', path: '/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin', concat_basedir: '/tmp' } @@ -150,9 +151,9 @@ def set_hieradata(hieradata) # sanitize hieradata if defined?(hieradata) - set_hieradata(hieradata.gsub(':', '_')) + set_hieradata(hieradata.tr(':', '_')) elsif defined?(class_name) - set_hieradata(class_name.gsub(':', '_')) + set_hieradata(class_name.tr(':', '_')) end end @@ -164,9 +165,7 @@ def set_hieradata(hieradata) end Dir.glob("#{RSpec.configuration.module_path}/*").each do |dir| - begin - Pathname.new(dir).realpath - rescue StandardError - raise "ERROR: The module '#{dir}' is not installed. Tests cannot continue." - end + Pathname.new(dir).realpath +rescue StandardError + raise "ERROR: The module '#{dir}' is not installed. Tests cannot continue." end diff --git a/spec/spec_helper_acceptance.rb b/spec/spec_helper_acceptance.rb index fde3915a..ef6c56f8 100644 --- a/spec/spec_helper_acceptance.rb +++ b/spec/spec_helper_acceptance.rb @@ -18,7 +18,6 @@ end end - RSpec.configure do |c| # ensure that environment OS is ready on each host fix_errata_on hosts @@ -32,29 +31,25 @@ # Configure all nodes in nodeset c.before :suite do + # Install modules and dependencies from spec/fixtures/modules + copy_fixture_modules_to(hosts) begin - # Install modules and dependencies from spec/fixtures/modules - copy_fixture_modules_to( hosts ) - begin - server = only_host_with_role(hosts, 'server') - rescue ArgumentError =>e - server = only_host_with_role(hosts, 'default') - end - - # Generate and install PKI certificates on each SUT - Dir.mktmpdir do |cert_dir| - run_fake_pki_ca_on(server, hosts, cert_dir ) - hosts.each{ |sut| copy_pki_to( sut, cert_dir, '/etc/pki/simp-testing' )} - end + server = only_host_with_role(hosts, 'server') + rescue ArgumentError => e + server = only_host_with_role(hosts, 'default') + end - # add PKI keys - copy_keydist_to(server) - rescue StandardError, ScriptError => e - if ENV['PRY'] - require 'pry'; binding.pry - else - raise e - end + # Generate and install PKI certificates on each SUT + Dir.mktmpdir do |cert_dir| + run_fake_pki_ca_on(server, hosts, cert_dir) + hosts.each { |sut| copy_pki_to(sut, cert_dir, '/etc/pki/simp-testing') } end + + # add PKI keys + copy_keydist_to(server) + rescue StandardError, ScriptError => e + raise e unless ENV['PRY'] + require 'pry' + binding.pry end end diff --git a/spec/unit/compliance_engine/compliance_engine_enforce_spec.rb b/spec/unit/compliance_engine/compliance_engine_enforce_spec.rb index 4adbb8c8..4b34de8d 100644 --- a/spec/unit/compliance_engine/compliance_engine_enforce_spec.rb +++ b/spec/unit/compliance_engine/compliance_engine_enforce_spec.rb @@ -21,14 +21,13 @@ def normalize_compliance_results(compliance_profile_data, section, exceptions) normalized = Marshal.load(Marshal.dump(compliance_profile_data)) if section == 'non_compliant' - exceptions['non_compliant'].each do |resource,params| + exceptions['non_compliant'].each do |resource, params| params.each do |param| - if normalized['non_compliant'].key?(resource) && - normalized['non_compliant'][resource]['parameters'].key?(param) - normalized['non_compliant'][resource]['parameters'].delete(param) - if normalized['non_compliant'][resource]['parameters'].empty? - normalized['non_compliant'].delete(resource) - end + next unless normalized['non_compliant'].key?(resource) && + normalized['non_compliant'][resource]['parameters'].key?(param) + normalized['non_compliant'][resource]['parameters'].delete(param) + if normalized['non_compliant'][resource]['parameters'].empty? + normalized['non_compliant'].delete(resource) end end end @@ -55,42 +54,41 @@ def normalize_compliance_results(compliance_profile_data, section, exceptions) # This is the class that needs to be added to the catalog last to make the # reporting work. describe 'compliance_markup', type: :class do - # A list of classes that we expect to be included for this compliance test. # # This needs to be well defined since we can also manipulate defined type # defaults expected_classes = [ 'pupmod', - 'pupmod::master' + 'pupmod::master', ] # regex to match any resource or resource parameter NOT under test not_expected_classes_regex = Regexp.new( - "^(?!(#{expected_classes.join("|")})(::.*)?)" + "^(?!(#{expected_classes.join('|')})(::.*)?)", ) compliance_profiles = { - 'disa_stig' => { - :percent_compliant => 100, - :exceptions => { + 'disa_stig' => { + percent_compliant: 100, + exceptions: { 'documented_missing_parameters' => [ not_expected_classes_regex ], 'documented_missing_resources' => [ not_expected_classes_regex ], 'non_compliant' => {} } }, 'nist_800_53:rev4' => { - :percent_compliant => 96, - :exceptions => { + percent_compliant: 96, + exceptions: { 'documented_missing_parameters' => [ not_expected_classes_regex ], 'documented_missing_resources' => [ not_expected_classes_regex ], 'non_compliant' => { - # compliance_engine is not smart enough, yet, to allow compliance to - # be determined by anything other than an exact match to parameter - # content. In this case, all we want to ensure is that 'EC2' appears - # in facts.blocklist element of pupmod::facter_options. We don't - # actually care what else is in that configuration Hash. So, the - # 'non_compliant' report is a false alarm for pupmod::facter_options. + # compliance_engine is not smart enough, yet, to allow compliance to + # be determined by anything other than an exact match to parameter + # content. In this case, all we want to ensure is that 'EC2' appears + # in facts.blocklist element of pupmod::facter_options. We don't + # actually care what else is in that configuration Hash. So, the + # 'non_compliant' report is a false alarm for pupmod::facter_options. 'Class[Pupmod]' => [ 'facter_options' ] } } @@ -99,38 +97,38 @@ def normalize_compliance_results(compliance_profile_data, section, exceptions) on_supported_os.each do |os, os_facts| context "on #{os}" do - compliance_profiles.each do |target_profile,info| + compliance_profiles.each do |target_profile, info| context "with compliance profile '#{target_profile}'" do - let(:facts){ + let(:facts) do os_facts.merge({ - :target_compliance_profile => target_profile - }) - } - - let(:pre_condition) {%( - #{expected_classes.map{|c| %{include #{c}}}.join("\n")} - )} - - let(:hieradata){ 'compliance-engine' } - - it { is_expected.to compile } - - let(:compliance_report) { - @compliance_report ||= JSON.load( - catalogue.resource("File[#{facts[:puppet_vardir]}/compliance_report.json]")[:content] + target_compliance_profile: target_profile + }) + end + let(:compliance_report) do + @compliance_report ||= JSON.parse( + catalogue.resource("File[#{facts[:puppet_vardir]}/compliance_report.json]")[:content], ) @compliance_report - } - - let(:compliance_profile_data) { + end + let(:compliance_profile_data) do @compliance_profile_data ||= compliance_report['compliance_profiles'][target_profile] @compliance_profile_data - } + end + + let(:pre_condition) do + %( + #{expected_classes.map { |c| %(include #{c}) }.join("\n")} + ) + end + + let(:hieradata) { 'compliance-engine' } + + it { is_expected.to compile } - it 'should have a compliance profile report' do - expect(compliance_profile_data).to_not be_nil + it 'has a compliance profile report' do + expect(compliance_profile_data).not_to be_nil end # The list of report sections that should not exist and if they do @@ -159,24 +157,25 @@ def normalize_compliance_results(compliance_profile_data, section, exceptions) # # Unless this test is for a completely comprehensive data profile, # with all classes included, this report section may be useless. - 'documented_missing_resources' + 'documented_missing_resources', ] report_validators.each do |report_section| - it "should have no issues with the '#{report_section}' report" do + it "has no issues with the '#{report_section}' report" do if compliance_profile_data[report_section] # remove any false alarms from compliance results normalized = normalize_compliance_results( compliance_profile_data, report_section, - info[:exceptions]) + info[:exceptions], + ) expect(normalized[report_section]).to be_empty end end end - it "should have at least #{info[:percent_compliant]}% report compliance" do + it "has at least #{info[:percent_compliant]}% report compliance" do expect(compliance_profile_data['summary']['percent_compliant']) .to be >= info[:percent_compliant] end diff --git a/spec/unit/facter/puppet_service_spec.rb b/spec/unit/facter/puppet_service_spec.rb index 4c09568d..fb87ab71 100644 --- a/spec/unit/facter/puppet_service_spec.rb +++ b/spec/unit/facter/puppet_service_spec.rb @@ -1,16 +1,16 @@ -require "spec_helper" +require 'spec_helper' # # This tests both the puppet_service_enabled and puppet_service_started facts. # -describe 'puppet_service_enabled', :type => :fact do +describe 'puppet_service_enabled', type: :fact do before :each do - Facter.clear - Facter.clear_messages + Facter.clear + Facter.clear_messages end context 'with systemd on linux' do - before do + before(:each) do allow(Facter.fact(:kernel)).to receive(:value).and_return(:linux) Facter.add(:init_systems) { setcode { 'systemd' } } end @@ -20,7 +20,7 @@ allow(Facter::Core::Execution).to receive(:execute).with('/usr/bin/systemctl is-enabled puppet.service').and_return 'enabled' allow(Facter::Core::Execution).to receive(:execute).with('/usr/bin/systemctl status puppet.service').and_return File.read('spec/files/systemctl_status_on.txt') end - it 'should return true' do + it 'returns true' do expect(Facter.fact(:puppet_service_enabled).value).to be true expect(Facter.fact(:puppet_service_started).value).to be true end @@ -31,7 +31,7 @@ allow(Facter::Core::Execution).to receive(:execute).with('/usr/bin/systemctl is-enabled puppet.service').and_return 'disabled' allow(Facter::Core::Execution).to receive(:execute).with('/usr/bin/systemctl status puppet.service').and_return File.read('spec/files/systemctl_status_off.txt') end - it 'should return false' do + it 'returns false' do expect(Facter.value(:puppet_service_enabled)).to be false expect(Facter.value(:puppet_service_started)).to be false end @@ -39,7 +39,7 @@ end context 'without systemd on linux' do - before do + before(:each) do allow(Facter.fact(:kernel)).to receive(:value).and_return(:linux) Facter.add(:init_systems) { setcode { 'sysv' } } end @@ -49,7 +49,7 @@ allow(Facter::Core::Execution).to receive(:execute).with('/sbin/chkconfig --list | grep -w puppet').and_return 'puppet 0:off 1:off 2:off 3:on 4:on 5:on 6:off' allow(Facter::Core::Execution).to receive(:execute).with('/sbin/service puppet status').and_return 'puppet (pid 24188) is running...' end - it 'should return true' do + it 'returns true' do expect(Facter.value(:puppet_service_enabled)).to be true expect(Facter.value(:puppet_service_started)).to be true end @@ -60,7 +60,7 @@ allow(Facter::Core::Execution).to receive(:execute).with('/sbin/chkconfig --list | grep -w puppet').and_return 'puppet 0:off 1:off 2:off 3:off 4:off 5:off 6:off ' allow(Facter::Core::Execution).to receive(:execute).with('/sbin/service puppet status').and_return 'this service is stopped' end - it 'should return false' do + it 'returns false' do expect(Facter.value(:puppet_service_enabled)).to be false expect(Facter.value(:puppet_service_started)).to be false end diff --git a/spec/unit/facter/puppetserver_jruby.rb b/spec/unit/facter/puppetserver_jruby.rb index 72ac364e..c28e1a99 100644 --- a/spec/unit/facter/puppetserver_jruby.rb +++ b/spec/unit/facter/puppetserver_jruby.rb @@ -1,25 +1,23 @@ -require "spec_helper" +require 'spec_helper' # # This tests both the puppet_service_enabled and puppet_service_started facts. # describe 'custom fact puppetserver_jruby' do - before (:each) do - Facter.clear + before(:each) do + Facter.clear end context 'with installation directory existing' do - it ' should return a hash' do File.expects(:directory?).with('/opt/puppetlabs/server/apps/puppetserver').returns(true) File.expects(:readable?).with('/opt/puppetlabs/server/apps/puppetserver').returns(true) - Dir.expects(:glob).with('/opt/puppetlabs/server/apps/puppetserver/*.jar').returns(['/x/d/f/my.jar','/t/t/t/honey.jar']) + Dir.expects(:glob).with('/opt/puppetlabs/server/apps/puppetserver/*.jar').returns(['/x/d/f/my.jar', '/t/t/t/honey.jar']) expect(Facter.fact('puppetserver_jruby').value).to eq({ - 'dir' => '/opt/puppetlabs/server/apps/puppetserver', - 'jarfiles' => ['my.jar','honey.jar'] - }) + 'dir' => '/opt/puppetlabs/server/apps/puppetserver', + 'jarfiles' => ['my.jar', 'honey.jar'] + }) end end end - From c35bb762433c0957ff968b469eeb89412c76441f Mon Sep 17 00:00:00 2001 From: Steven Pritchard Date: Mon, 10 Feb 2025 09:58:16 -0600 Subject: [PATCH 2/2] Un-pin fixtures --- .fixtures.yml | 6 ------ 1 file changed, 6 deletions(-) diff --git a/.fixtures.yml b/.fixtures.yml index ef80933c..664881f7 100644 --- a/.fixtures.yml +++ b/.fixtures.yml @@ -4,25 +4,21 @@ fixtures: auditd: https://github.com/simp/pupmod-simp-auditd.git augeas_core: repo: https://github.com/simp/pupmod-puppetlabs-augeas_core.git - puppet_version: ">= 6.0.0" augeasproviders_core: https://github.com/simp/augeasproviders_core.git augeasproviders_grub: https://github.com/simp/augeasproviders_grub.git augeasproviders_puppet: https://github.com/simp/augeasproviders_puppet.git cron_core: repo: https://github.com/simp/pupmod-puppetlabs-cron_core.git - puppet_version: ">= 6.0.0" firewalld: https://github.com/simp/pupmod-voxpupuli-firewalld.git haveged: https://github.com/simp/pupmod-simp-haveged.git inifile: https://github.com/simp/puppetlabs-inifile.git iptables: https://github.com/simp/pupmod-simp-iptables.git selinux_core: repo: https://github.com/simp/pupmod-puppetlabs-selinux_core.git - puppet_version: ">= 6.0.0" compliance_markup: https://github.com/simp/pupmod-simp-compliance_markup.git concat: https://github.com/simp/puppetlabs-concat.git hocon: repo: https://github.com/puppetlabs/puppetlabs-hocon.git - ref: v1.1.0 logrotate: https://github.com/simp/pupmod-simp-logrotate.git pki: https://github.com/simp/pupmod-simp-pki.git rsyslog: https://github.com/simp/pupmod-simp-rsyslog.git @@ -34,10 +30,8 @@ fixtures: pam: https://github.com/simp/pupmod-simp-pam.git puppet_enterprise: repo: https://github.com/simp/pupmod-mock-puppet_enterprise.git - ref: 0.3.0 puppet_authorization: repo: https://github.com/simp/puppetlabs-puppet_authorization.git - ref: 0.5.1 augeasproviders_ssh: https://github.com/simp/augeasproviders_ssh.git sudo: https://github.com/simp/pupmod-simp-sudo.git symlinks: