diff --git a/manifests/config.pp b/manifests/config.pp index b499d927..5c09db2e 100644 --- a/manifests/config.pp +++ b/manifests/config.pp @@ -81,4 +81,28 @@ mode => '0640', require => Exec['Create database symmetric key'], } + + if $use_pulp2_content_route { + $context = { + 'directories' => [ + { + 'provider' => 'location', + 'path' => '/pulp/isos', + 'proxy_pass' => [ + { + 'url' => $pulpcore::apache::content_url, + 'params' => $pulpcore::apache::content_proxy_params, + }, + ], + 'request_headers' => [ + 'unset X-CLIENT-CERT', + 'set X-CLIENT-CERT "%{SSL_CLIENT_CERT}s" env=SSL_CLIENT_CERT', + ], + }, + ], + } + $content = epp('pulpcore/apache-fragment.epp', $context) + } else { + $content = undef + } } diff --git a/manifests/init.pp b/manifests/init.pp index 25af6561..f423f4e1 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -257,6 +257,7 @@ Optional[Boolean] $analytics = undef, Optional[Boolean] $hide_guarded_distributions = undef, Optional[Integer[1,100]] $import_workers_percent = undef, + Optional[Boolean] $use_pulp2_content_route = false, ) { $settings_file = "${config_dir}/settings.py" $certs_dir = "${config_dir}/certs" diff --git a/manifests/plugin/certguard.pp b/manifests/plugin/certguard.pp deleted file mode 100644 index d009a1ad..00000000 --- a/manifests/plugin/certguard.pp +++ /dev/null @@ -1,5 +0,0 @@ -# @summary Pulp Certguard plugin -class pulpcore::plugin::certguard { - pulpcore::plugin { 'certguard': - } -} diff --git a/manifests/plugin/file.pp b/manifests/plugin/file.pp deleted file mode 100644 index c3a884a3..00000000 --- a/manifests/plugin/file.pp +++ /dev/null @@ -1,35 +0,0 @@ -# @summary Pulp File plugin -# @param use_pulp2_content_route -# Whether to redirect the legacy (Pulp 2) URLs to the content server -class pulpcore::plugin::file ( - Boolean $use_pulp2_content_route = false, -) { - if $use_pulp2_content_route { - $context = { - 'directories' => [ - { - 'provider' => 'location', - 'path' => '/pulp/isos', - 'proxy_pass' => [ - { - 'url' => $pulpcore::apache::content_url, - 'params' => $pulpcore::apache::content_proxy_params, - }, - ], - 'request_headers' => [ - 'unset X-CLIENT-CERT', - 'set X-CLIENT-CERT "%{SSL_CLIENT_CERT}s" env=SSL_CLIENT_CERT', - ], - }, - ], - } - $content = epp('pulpcore/apache-fragment.epp', $context) - } else { - $content = undef - } - - pulpcore::plugin { 'file': - http_content => $content, - https_content => $content, - } -} diff --git a/spec/acceptance/plugins_spec.rb b/spec/acceptance/plugins_spec.rb index e5e1fdf5..13f85fcc 100644 --- a/spec/acceptance/plugins_spec.rb +++ b/spec/acceptance/plugins_spec.rb @@ -6,10 +6,8 @@ <<-PUPPET include pulpcore include pulpcore::plugin::ansible - include pulpcore::plugin::certguard include pulpcore::plugin::container include pulpcore::plugin::deb - include pulpcore::plugin::file include pulpcore::plugin::ostree include pulpcore::plugin::python include pulpcore::plugin::rpm diff --git a/spec/classes/plugin_certguard_spec.rb b/spec/classes/plugin_certguard_spec.rb deleted file mode 100644 index f6f44e25..00000000 --- a/spec/classes/plugin_certguard_spec.rb +++ /dev/null @@ -1,24 +0,0 @@ -require 'spec_helper' - -describe 'pulpcore::plugin::certguard' do - on_supported_os.each do |os, os_facts| - context "on #{os}" do - let(:facts) { os_facts } - - it { is_expected.to compile.with_all_deps } - it { is_expected.to contain_package('pulpcore-plugin(certguard)') } - it { is_expected.to contain_pulpcore__plugin('certguard') } - - context 'with pulpcore' do - let(:pre_condition) { 'include pulpcore' } - - it do - is_expected.to compile.with_all_deps - is_expected.to contain_pulpcore__plugin('certguard') - .that_subscribes_to('Class[Pulpcore::Install]') - .that_notifies(['Class[Pulpcore::Database]', 'Class[Pulpcore::Service]']) - end - end - end - end -end diff --git a/spec/classes/plugin_file_spec.rb b/spec/classes/plugin_file_spec.rb deleted file mode 100644 index 2e59f6e3..00000000 --- a/spec/classes/plugin_file_spec.rb +++ /dev/null @@ -1,57 +0,0 @@ -require 'spec_helper' - -describe 'pulpcore::plugin::file' do - on_supported_os.each do |os, os_facts| - context "on #{os}" do - let(:facts) { os_facts } - - it { is_expected.to compile.with_all_deps } - it { is_expected.to contain_package('pulpcore-plugin(file)') } - it { is_expected.to contain_pulpcore__plugin('file') } - - context 'with pulpcore' do - let(:pre_condition) { 'include pulpcore' } - - it do - is_expected.to compile.with_all_deps - is_expected.to contain_pulpcore__plugin('file') - .that_subscribes_to('Class[Pulpcore::Install]') - .that_notifies(['Class[Pulpcore::Database]', 'Class[Pulpcore::Service]']) - end - - context 'with pulp2 content route' do - let(:params) { { use_pulp2_content_route: true } } - - it 'contains the Apache fragment' do - is_expected.to compile.with_all_deps - is_expected.to contain_pulpcore__apache__fragment('plugin-file') - is_expected.to contain_apache__vhost__fragment('pulpcore-http-plugin-file') - .with_content( -< - RequestHeader unset X-CLIENT-CERT - RequestHeader set X-CLIENT-CERT "%{SSL_CLIENT_CERT}s" env=SSL_CLIENT_CERT - ProxyPass unix:///run/pulpcore-content.sock|http://pulpcore-content/pulp/content disablereuse=on timeout=600 - ProxyPassReverse unix:///run/pulpcore-content.sock|http://pulpcore-content/pulp/content - -CONTENT - ) - is_expected.to contain_apache__vhost__fragment('pulpcore-https-plugin-file') - .with_content( -< - RequestHeader unset X-CLIENT-CERT - RequestHeader set X-CLIENT-CERT "%{SSL_CLIENT_CERT}s" env=SSL_CLIENT_CERT - ProxyPass unix:///run/pulpcore-content.sock|http://pulpcore-content/pulp/content disablereuse=on timeout=600 - ProxyPassReverse unix:///run/pulpcore-content.sock|http://pulpcore-content/pulp/content - -CONTENT - ) - end - end - end - end - end -end diff --git a/spec/classes/pulpcore_spec.rb b/spec/classes/pulpcore_spec.rb index ef58af16..260f9e14 100644 --- a/spec/classes/pulpcore_spec.rb +++ b/spec/classes/pulpcore_spec.rb @@ -656,6 +656,39 @@ is_expected.to contain_service("pulpcore-worker@#{i}.service") .with_ensure(true) .with_enable(true) + end + + context 'with pulp2 content route' do + let(:params) { { use_pulp2_content_route: true } } + + it 'contains the Apache fragment' do + is_expected.to compile.with_all_deps + is_expected.to contain_pulpcore__apache__fragment('plugin-file') + is_expected.to contain_apache__vhost__fragment('pulpcore-http-plugin-file') + .with_content( + < + RequestHeader unset X-CLIENT-CERT + RequestHeader set X-CLIENT-CERT "%{SSL_CLIENT_CERT}s" env=SSL_CLIENT_CERT + ProxyPass unix:///run/pulpcore-content.sock|http://pulpcore-content/pulp/content disablereuse=on timeout=600 + ProxyPassReverse unix:///run/pulpcore-content.sock|http://pulpcore-content/pulp/content + + CONTENT + ) + is_expected.to contain_apache__vhost__fragment('pulpcore-https-plugin-file') + .with_content( + < + RequestHeader unset X-CLIENT-CERT + RequestHeader set X-CLIENT-CERT "%{SSL_CLIENT_CERT}s" env=SSL_CLIENT_CERT + ProxyPass unix:///run/pulpcore-content.sock|http://pulpcore-content/pulp/content disablereuse=on timeout=600 + ProxyPassReverse unix:///run/pulpcore-content.sock|http://pulpcore-content/pulp/content + + CONTENT + ) + end end end end