From 25af7c3026ced6fddf2941272da4d827d51a8c29 Mon Sep 17 00:00:00 2001 From: Joshua Hoblitt Date: Wed, 10 Aug 2022 09:05:25 -0700 Subject: [PATCH 1/4] factor #tftp_root out of spec/acceptance/netboot_spec.rb As this lookup may have useful for other/future acceptance tests. --- spec/acceptance/netboot_spec.rb | 15 +-------------- spec/support/acceptance/tftp_root.rb | 8 ++++++++ 2 files changed, 9 insertions(+), 14 deletions(-) create mode 100644 spec/support/acceptance/tftp_root.rb diff --git a/spec/acceptance/netboot_spec.rb b/spec/acceptance/netboot_spec.rb index 148af2ed..6cb1f0f6 100644 --- a/spec/acceptance/netboot_spec.rb +++ b/spec/acceptance/netboot_spec.rb @@ -5,20 +5,7 @@ include_examples 'the example', 'tftp.pp' - root = case host_inventory['facter']['os']['name'] - when 'Debian' - '/srv/tftp' - when 'Ubuntu' - if host_inventory['facter']['os']['release']['major'].to_f >= 20.04 - '/srv/tftp' - else - '/var/lib/tftpboot' - end - else - '/var/lib/tftpboot' - end - - describe file("#{root}/grub2/boot") do + describe file("#{tftp_root}/grub2/boot") do it { should be_symlink } it { should be_linked_to '../boot' } end diff --git a/spec/support/acceptance/tftp_root.rb b/spec/support/acceptance/tftp_root.rb new file mode 100644 index 00000000..a4e2a36d --- /dev/null +++ b/spec/support/acceptance/tftp_root.rb @@ -0,0 +1,8 @@ +def tftp_root + case host_inventory['facter']['os']['name'] + when 'Debian', 'Ubuntu' + '/srv/tftp' + else + '/var/lib/tftpboot' + end +end From bd4694a3b88282c823e08c120254698ff6ff7786 Mon Sep 17 00:00:00 2001 From: Joshua Hoblitt Date: Tue, 9 Aug 2022 14:47:33 -0700 Subject: [PATCH 2/4] add remote_file::{owner,group} optional params --- manifests/remote_file.pp | 4 ++ .../defines/foreman_proxy_remote_file_spec.rb | 67 ++++++++++++++----- 2 files changed, 54 insertions(+), 17 deletions(-) diff --git a/manifests/remote_file.pp b/manifests/remote_file.pp index 1fd84744..6a626526 100644 --- a/manifests/remote_file.pp +++ b/manifests/remote_file.pp @@ -3,6 +3,8 @@ define foreman_proxy::remote_file ( Stdlib::Filesource $remote_location, Stdlib::Filemode $mode = '0644', + Optional[String[1]] $owner = undef, + Optional[String[1]] $group = undef, ) { $parent = dirname($title) File <| title == $parent |> @@ -13,6 +15,8 @@ -> file { $title: source => $remote_location, mode => $mode, + owner => $owner, + group => $group, replace => false, } } diff --git a/spec/defines/foreman_proxy_remote_file_spec.rb b/spec/defines/foreman_proxy_remote_file_spec.rb index e50715c1..d3420c49 100644 --- a/spec/defines/foreman_proxy_remote_file_spec.rb +++ b/spec/defines/foreman_proxy_remote_file_spec.rb @@ -1,31 +1,64 @@ require 'spec_helper' +shared_examples 'remote_file' do + it { is_expected.to contain_exec('mkdir -p /tmp') } +end + describe 'foreman_proxy::remote_file' do let(:title) { '/tmp/a' } - let(:params) do - { - remote_location: 'https://example.com/tmp/a', - mode: '0664' - } - end + context 'without owner/group params' do + let(:params) do + { + remote_location: 'https://example.com/tmp/a', + mode: '0664' + } + end - context 'default scenario' do - it { is_expected.to contain_exec('mkdir -p /tmp') } + context 'default scenario' do + include_examples 'remote_file' - it do - is_expected.to contain_file('/tmp/a') - .with_source('https://example.com/tmp/a') - .with_mode('0664') - .that_requires('Exec[mkdir -p /tmp]') + it do + is_expected.to contain_file('/tmp/a').with( + source: 'https://example.com/tmp/a', + mode: '0664', + owner: nil, + group: nil, + ).without( + ).that_requires('Exec[mkdir -p /tmp]') + end + end + + context 'with parent file defined' do + let :pre_condition do + "file { '/tmp': }" + end + + include_examples 'remote_file' + + it { is_expected.to contain_exec('mkdir -p /tmp').that_requires('File[/tmp]') } end end - context 'with parent file defined' do - let :pre_condition do - "file { '/tmp': }" + context 'with owner/group params' do + let(:params) do + { + remote_location: 'https://example.com/tmp/a', + mode: '0664', + owner: 'foo', + group: 'bar', + } end - it { is_expected.to contain_exec('mkdir -p /tmp').that_requires('File[/tmp]') } + include_examples 'remote_file' + + it do + is_expected.to contain_file('/tmp/a').with( + source: 'https://example.com/tmp/a', + mode: '0664', + owner: 'foo', + group: 'bar', + ).that_requires('Exec[mkdir -p /tmp]') + end end end From dbbcff7955d7970a90ad707204e7e6bbab5fbfbb Mon Sep 17 00:00:00 2001 From: Joshua Hoblitt Date: Tue, 9 Aug 2022 14:53:43 -0700 Subject: [PATCH 3/4] change ownership of downloaded fdi-image to proxy user/group --- manifests/plugin/discovery.pp | 2 ++ spec/classes/foreman_proxy__plugin__discovery_spec.rb | 8 ++++++-- 2 files changed, 8 insertions(+), 2 deletions(-) diff --git a/manifests/plugin/discovery.pp b/manifests/plugin/discovery.pp index b27826fa..5d9018bd 100644 --- a/manifests/plugin/discovery.pp +++ b/manifests/plugin/discovery.pp @@ -41,6 +41,8 @@ foreman_proxy::remote_file { "${tftp_root_clean}/boot/${image_name}": remote_location => "${source_url}${image_name}", mode => '0644', + owner => $foreman_proxy::user, + group => $foreman_proxy::group, } ~> exec { "untar ${image_name}": command => "tar xf ${image_name}", path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', diff --git a/spec/classes/foreman_proxy__plugin__discovery_spec.rb b/spec/classes/foreman_proxy__plugin__discovery_spec.rb index 9455ebfd..46095a67 100644 --- a/spec/classes/foreman_proxy__plugin__discovery_spec.rb +++ b/spec/classes/foreman_proxy__plugin__discovery_spec.rb @@ -31,6 +31,7 @@ 'foreman-proxy' end end + let(:user) { group } describe 'without paramaters' do it { should compile.with_all_deps } @@ -62,8 +63,11 @@ it { should contain_foreman_proxy__feature('Discovery') } it 'should download and install tarball' do - should contain_foreman_proxy__remote_file("#{tftproot}/boot/fdi-image-latest.tar"). - with_remote_location('http://downloads.theforeman.org/discovery/releases/latest/fdi-image-latest.tar') + should contain_foreman_proxy__remote_file("#{tftproot}/boot/fdi-image-latest.tar").with( + remote_location: 'http://downloads.theforeman.org/discovery/releases/latest/fdi-image-latest.tar', + owner: user, + group: group, + ) end it 'should extract the tarball' do From 4d453949d336155280ff5f3f05372efb6f0ddf8c Mon Sep 17 00:00:00 2001 From: Joshua Hoblitt Date: Tue, 9 Aug 2022 14:58:00 -0700 Subject: [PATCH 4/4] untar fdi-image as proxy user/group To prevent fdi-image files from being chown'd on subsequent puppet agent runs. --- examples/discovery_images.pp | 6 +++++ manifests/plugin/discovery.pp | 2 ++ spec/acceptance/discovery_spec.rb | 42 ++++++++++++++++++++++++++++--- 3 files changed, 46 insertions(+), 4 deletions(-) create mode 100644 examples/discovery_images.pp diff --git a/examples/discovery_images.pp b/examples/discovery_images.pp new file mode 100644 index 00000000..a6ac3649 --- /dev/null +++ b/examples/discovery_images.pp @@ -0,0 +1,6 @@ +class { 'foreman_proxy': + tftp => true, +} +class { 'foreman_proxy::plugin::discovery': + install_images => true, +} diff --git a/manifests/plugin/discovery.pp b/manifests/plugin/discovery.pp index 5d9018bd..57504113 100644 --- a/manifests/plugin/discovery.pp +++ b/manifests/plugin/discovery.pp @@ -48,6 +48,8 @@ path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', cwd => "${tftp_root_clean}/boot", creates => "${tftp_root_clean}/boot/fdi-image/initrd0.img", + user => $foreman_proxy::user, + group => $foreman_proxy::group, } } } diff --git a/spec/acceptance/discovery_spec.rb b/spec/acceptance/discovery_spec.rb index 16cb6803..7a3d8f49 100644 --- a/spec/acceptance/discovery_spec.rb +++ b/spec/acceptance/discovery_spec.rb @@ -1,13 +1,47 @@ require 'spec_helper_acceptance' +require 'json' + +shared_examples 'the discovery feature is enabled' do + describe command('curl -sk https://127.0.0.1:8443/features') do + it { expect(JSON.parse(subject.stdout)).to include('discovery', 'logs') } + its(:exit_status) { is_expected.to eq (0) } + end +end describe 'Scenario: install foreman-proxy with discovery plugin' do before(:context) { purge_foreman_proxy } - include_examples 'the example', 'discovery.pp' + context 'without params' do + include_examples 'the example', 'discovery.pp' + + it_behaves_like 'the default foreman proxy application' + it_behaves_like 'the discovery feature is enabled' + end + + context 'with install_images param' do + include_examples 'the example', 'discovery_images.pp' + + it_behaves_like 'the default foreman proxy application' + it_behaves_like 'the discovery feature is enabled' - it_behaves_like 'the default foreman proxy application' + %w[ + /boot/fdi-image-latest.tar + /boot/fdi-image/initrd0.img + /boot/fdi-image/vmlinuz0 + ].each do |f| + describe file(File.join(tftp_root, f)) do + it { is_expected.to be_file } + it { is_expected.to be_owned_by 'foreman-proxy' } + it { is_expected.to be_grouped_into 'foreman-proxy' } + it { is_expected.to be_mode '644' } + end + end - describe command('curl -sk https://127.0.0.1:8443/features | grep -q discovery') do - its(:exit_status) { should eq 0 } + describe file(File.join(tftp_root, '/boot/fdi-image')) do + it { is_expected.to be_directory } + it { is_expected.to be_owned_by 'foreman-proxy' } + it { is_expected.to be_grouped_into 'foreman-proxy' } + it { is_expected.to be_mode '755' } + end end end