From a6a11f151c6bde035314888a9da1303651e2b469 Mon Sep 17 00:00:00 2001 From: Radu Pantiru Date: Mon, 8 Apr 2019 11:56:18 +0100 Subject: [PATCH 1/8] Fix for MongoDB v4 Replica Set initialization --- lib/puppet/provider/mongodb_replset/mongo.rb | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/lib/puppet/provider/mongodb_replset/mongo.rb b/lib/puppet/provider/mongodb_replset/mongo.rb index da5bc9e71..ef403851d 100644 --- a/lib/puppet/provider/mongodb_replset/mongo.rb +++ b/lib/puppet/provider/mongodb_replset/mongo.rb @@ -162,8 +162,8 @@ def get_hosts_status(members) alive.push(member) end - if status.key?('errmsg') && status['errmsg'].include?('no replset config has been received') - Puppet.debug 'Mongo v4 rs.status() RS not initialized output' + if status.key?('errmsg') && (status['errmsg'].include?('no replset config has been received')) + Puppet.info 'Mongo v4 rs.status() RS not initialized output' alive.push(member) end @@ -183,7 +183,6 @@ def get_hosts_status(members) Puppet.warning "Can't connect to replicaset member #{host}." end end - alive.uniq! dead = members - alive [alive, dead] end @@ -213,7 +212,7 @@ def get_members_changes(current_members_conf, new_members_conf) add_members.push(nm) end - [add_members.uniq, remove_members.uniq, update_members.uniq] + [add_members, remove_members, update_members] end def get_replset_settings_changes(current_settings, new_settings) From 5dd1275215b4d73600bbaf445e397c53e240ba73 Mon Sep 17 00:00:00 2001 From: Adnan Smajlovic Date: Fri, 4 Dec 2020 17:41:22 +0000 Subject: [PATCH 2/8] Bumped up to upstream version 3.1.0 --- .github/CONTRIBUTING.md | 45 +- .pmtignore | 20 +- .rubocop.yml | 552 +++++++++++++++++- .sync.yml | 7 +- .travis.yml | 55 ++ CHANGELOG.md | 73 +-- Dockerfile | 5 +- Gemfile | 79 ++- Rakefile | 59 +- examples/sharding.pp | 35 +- lib/puppet/functions/mongodb_password.rb | 17 +- lib/puppet/provider/mongodb.rb | 11 +- lib/puppet/provider/mongodb_replset/mongo.rb | 7 +- lib/puppet/provider/mongodb_user/mongodb.rb | 14 +- manifests/client/params.pp | 1 - manifests/db.pp | 17 +- manifests/globals.pp | 6 + manifests/mongos.pp | 2 +- manifests/mongos/config.pp | 2 +- manifests/mongos/install.pp | 8 +- manifests/mongos/service.pp | 10 +- manifests/opsmanager.pp | 1 + manifests/params.pp | 16 +- manifests/repo.pp | 19 +- manifests/repo/apt.pp | 2 +- manifests/server/install.pp | 10 +- metadata.json | 30 +- spec/acceptance/mongos_spec.rb | 34 +- spec/acceptance/server_spec.rb | 41 +- spec/classes/client_spec.rb | 12 +- spec/classes/mongos_spec.rb | 56 +- spec/classes/repo_spec.rb | 8 - spec/classes/server_spec.rb | 36 +- spec/functions/mongodb_password_spec.rb | 3 - spec/spec_helper.rb | 62 +- spec/spec_helper_acceptance.rb | 29 +- .../provider/mongodb_database/mongodb_spec.rb | 8 +- .../provider/mongodb_replset/mongodb_spec.rb | 21 +- .../provider/mongodb_shard/mongodb_spec.rb | 9 +- .../provider/mongodb_user/mongodb_spec.rb | 26 +- 40 files changed, 977 insertions(+), 471 deletions(-) create mode 100644 .travis.yml diff --git a/.github/CONTRIBUTING.md b/.github/CONTRIBUTING.md index 048d2b55d..f3ffb5703 100644 --- a/.github/CONTRIBUTING.md +++ b/.github/CONTRIBUTING.md @@ -25,7 +25,7 @@ By participating in this project you agree to abide by its terms. * Fork the repo. * Create a separate branch for your change. -* We only take pull requests with passing tests, and documentation. [GitHub Actions](https://docs.github.com/en/actions) run the tests for us. You can also execute them locally. This is explained [in a later section](#the-test-matrix). +* We only take pull requests with passing tests, and documentation. [travis-ci](http://travis-ci.org) runs the tests for us. You can also execute them locally. This is explained [in a later section](#the-test-matrix). * Checkout [our docs](https://voxpupuli.org/docs/reviewing_pr/) we use to review a module and the [official styleguide](https://puppet.com/docs/puppet/6.0/style_guide.html). They provide some guidance for new code that might help you before you submit a pull request. * Add a test for your change. Only refactoring and documentation changes require no new tests. If you are adding functionality or fixing a bug, please add a test. * Squash your commits down into logical components. Make sure to rebase against our current master. @@ -33,8 +33,6 @@ By participating in this project you agree to abide by its terms. Please be prepared to repeat some of these steps as our contributors review your code. -Also consider sending in your profile code that calls this component module as an acceptance test or provide it via an issue. This helps reviewers a lot to test your use case and prevents future regressions! - ## Writing proper commits - short version * Make commits of logical units. @@ -232,21 +230,50 @@ simple tests against it after applying the module. You can run this with: ```sh -BEAKER_setfile=debian10-x64 bundle exec rake beaker +bundle exec rake acceptance +``` + +This will run the tests on the module's default nodeset. You can override the +nodeset used, e.g., + +```sh +BEAKER_set=centos-7-x64 bundle exec rake acceptance +``` + +There are default rake tasks for the various acceptance test modules, e.g., + +```sh +bundle exec rake beaker:centos-7-x64 +bundle exec rake beaker:ssh:centos-7-x64 ``` -You can replace the string `debian10` with any common operating system. +If you don't want to have to recreate the virtual machine every time you can +use `BEAKER_destroy=no` and `BEAKER_provision=no`. On the first run you will at +least need `BEAKER_provision` set to yes (the default). The Vagrantfile for the +created virtual machines will be in `.vagrant/beaker_vagrant_files`. + +Beaker also supports docker containers. We also use that in our automated CI +pipeline at [travis-ci](http://travis-ci.org). To use that instead of Vagrant: + +```sh +PUPPET_INSTALL_TYPE=agent BEAKER_IS_PE=no BEAKER_PUPPET_COLLECTION=puppet5 BEAKER_debug=true BEAKER_setfile=debian9-64{hypervisor=docker} BEAKER_destroy=yes bundle exec rake beaker +``` + +You can replace the string `debian9` with any common operating system. The following strings are known to work: * ubuntu1604 * ubuntu1804 -* ubuntu2004 +* debian8 * debian9 -* debian10 +* centos6 * centos7 -* centos8 -For more information and tips & tricks, see [voxpupuli-acceptance's documentation](https://github.com/voxpupuli/voxpupuli-acceptance#running-tests). +The easiest way to debug in a docker container is to open a shell: + +```sh +docker exec -it -u root ${container_id_or_name} bash +``` The source of this file is in our [modulesync_config](https://github.com/voxpupuli/modulesync_config/blob/master/moduleroot/.github/CONTRIBUTING.md.erb) repository. diff --git a/.pmtignore b/.pmtignore index 65f505149..4e6d54b82 100644 --- a/.pmtignore +++ b/.pmtignore @@ -1,15 +1,11 @@ -# Managed by modulesync - DO NOT EDIT -# https://voxpupuli.org/docs/updating-files-managed-with-modulesync/ - docs/ pkg/ -Gemfile Gemfile.lock Gemfile.local vendor/ .vendor/ -spec/ -Rakefile +spec/fixtures/manifests/ +spec/fixtures/modules/ .vagrant/ .bundle/ .ruby-version @@ -17,21 +13,9 @@ coverage/ log/ .idea/ .dependencies/ -.github/ .librarian/ Puppetfile.lock *.iml -.editorconfig -.fixtures.yml -.gitignore -.msync.yml -.overcommit.yml -.pmtignore -.rspec -.rspec_parallel -.rubocop.yml -.sync.yml .*.sw? .yardoc/ -.yardopts Dockerfile diff --git a/.rubocop.yml b/.rubocop.yml index 53ac18982..74966fd03 100644 --- a/.rubocop.yml +++ b/.rubocop.yml @@ -1,6 +1,548 @@ ---- -# Managed by modulesync - DO NOT EDIT -# https://voxpupuli.org/docs/updating-files-managed-with-modulesync/ +require: rubocop-rspec +AllCops: + TargetRubyVersion: 2.1 + Include: + - ./**/*.rb + Exclude: + - files/**/* + - vendor/**/* + - .vendor/**/* + - pkg/**/* + - spec/fixtures/**/* + - Gemfile + - Rakefile + - Guardfile + - Vagrantfile +Lint/ConditionPosition: + Enabled: True -inherit_gem: - voxpupuli-test: rubocop.yml +Lint/ElseLayout: + Enabled: True + +Lint/UnreachableCode: + Enabled: True + +Lint/UselessComparison: + Enabled: True + +Lint/EnsureReturn: + Enabled: True + +Lint/HandleExceptions: + Enabled: True + +Lint/LiteralInCondition: + Enabled: True + +Lint/ShadowingOuterLocalVariable: + Enabled: True + +Lint/LiteralInInterpolation: + Enabled: True + +Style/HashSyntax: + Enabled: True + +Style/RedundantReturn: + Enabled: True + +Layout/EndOfLine: + Enabled: False + +Lint/AmbiguousOperator: + Enabled: True + +Lint/AssignmentInCondition: + Enabled: True + +Layout/SpaceBeforeComment: + Enabled: True + +Style/AndOr: + Enabled: True + +Style/RedundantSelf: + Enabled: True + +Metrics/BlockLength: + Enabled: False + +# Method length is not necessarily an indicator of code quality +Metrics/MethodLength: + Enabled: False + +# Module length is not necessarily an indicator of code quality +Metrics/ModuleLength: + Enabled: False + +Style/WhileUntilModifier: + Enabled: True + +Lint/AmbiguousRegexpLiteral: + Enabled: True + +Security/Eval: + Enabled: True + +Lint/BlockAlignment: + Enabled: True + +Lint/DefEndAlignment: + Enabled: True + +Lint/EndAlignment: + Enabled: True + +Lint/DeprecatedClassMethods: + Enabled: True + +Lint/Loop: + Enabled: True + +Lint/ParenthesesAsGroupedExpression: + Enabled: True + +Lint/RescueException: + Enabled: True + +Lint/StringConversionInInterpolation: + Enabled: True + +Lint/UnusedBlockArgument: + Enabled: True + +Lint/UnusedMethodArgument: + Enabled: True + +Lint/UselessAccessModifier: + Enabled: True + +Lint/UselessAssignment: + Enabled: True + +Lint/Void: + Enabled: True + +Layout/AccessModifierIndentation: + Enabled: True + +Style/AccessorMethodName: + Enabled: True + +Style/Alias: + Enabled: True + +Layout/AlignArray: + Enabled: True + +Layout/AlignHash: + Enabled: True + +Layout/AlignParameters: + Enabled: True + +Metrics/BlockNesting: + Enabled: True + +Style/AsciiComments: + Enabled: True + +Style/Attr: + Enabled: True + +Style/BracesAroundHashParameters: + Enabled: True + +Style/CaseEquality: + Enabled: True + +Layout/CaseIndentation: + Enabled: True + +Style/CharacterLiteral: + Enabled: True + +Style/ClassAndModuleCamelCase: + Enabled: True + +Style/ClassAndModuleChildren: + Enabled: False + +Style/ClassCheck: + Enabled: True + +# Class length is not necessarily an indicator of code quality +Metrics/ClassLength: + Enabled: False + +Style/ClassMethods: + Enabled: True + +Style/ClassVars: + Enabled: True + +Style/WhenThen: + Enabled: True + +Style/WordArray: + Enabled: True + +Style/UnneededPercentQ: + Enabled: True + +Layout/Tab: + Enabled: True + +Layout/SpaceBeforeSemicolon: + Enabled: True + +Layout/TrailingBlankLines: + Enabled: True + +Layout/SpaceInsideBlockBraces: + Enabled: True + +Layout/SpaceInsideBrackets: + Enabled: True + +Layout/SpaceInsideHashLiteralBraces: + Enabled: True + +Layout/SpaceInsideParens: + Enabled: True + +Layout/LeadingCommentSpace: + Enabled: True + +Layout/SpaceBeforeFirstArg: + Enabled: True + +Layout/SpaceAfterColon: + Enabled: True + +Layout/SpaceAfterComma: + Enabled: True + +Layout/SpaceAfterMethodName: + Enabled: True + +Layout/SpaceAfterNot: + Enabled: True + +Layout/SpaceAfterSemicolon: + Enabled: True + +Layout/SpaceAroundEqualsInParameterDefault: + Enabled: True + +Layout/SpaceAroundOperators: + Enabled: True + +Layout/SpaceBeforeBlockBraces: + Enabled: True + +Layout/SpaceBeforeComma: + Enabled: True + +Style/CollectionMethods: + Enabled: True + +Layout/CommentIndentation: + Enabled: True + +Style/ColonMethodCall: + Enabled: True + +Style/CommentAnnotation: + Enabled: True + +# 'Complexity' is very relative +Metrics/CyclomaticComplexity: + Enabled: False + +Style/ConstantName: + Enabled: True + +Style/Documentation: + Enabled: False + +Style/DefWithParentheses: + Enabled: True + +Style/PreferredHashMethods: + Enabled: True + +Layout/DotPosition: + EnforcedStyle: trailing + +Style/DoubleNegation: + Enabled: True + +Style/EachWithObject: + Enabled: True + +Layout/EmptyLineBetweenDefs: + Enabled: True + +Layout/IndentArray: + Enabled: True + +Layout/IndentHash: + Enabled: True + +Layout/IndentationConsistency: + Enabled: True + +Layout/IndentationWidth: + Enabled: True + +Layout/EmptyLines: + Enabled: True + +Layout/EmptyLinesAroundAccessModifier: + Enabled: True + +Style/EmptyLiteral: + Enabled: True + +# Configuration parameters: AllowURI, URISchemes. +Metrics/LineLength: + Enabled: False + +Style/MethodCallWithoutArgsParentheses: + Enabled: True + +Style/MethodDefParentheses: + Enabled: True + +Style/LineEndConcatenation: + Enabled: True + +Layout/TrailingWhitespace: + Enabled: True + +Style/StringLiterals: + Enabled: True + +Style/TrailingCommaInArguments: + Enabled: True + +Style/TrailingCommaInLiteral: + Enabled: True + +Style/GlobalVars: + Enabled: True + +Style/GuardClause: + Enabled: True + +Style/IfUnlessModifier: + Enabled: True + +Style/MultilineIfThen: + Enabled: True + +Style/NegatedIf: + Enabled: True + +Style/NegatedWhile: + Enabled: True + +Style/Next: + Enabled: True + +Style/SingleLineBlockParams: + Enabled: True + +Style/SingleLineMethods: + Enabled: True + +Style/SpecialGlobalVars: + Enabled: True + +Style/TrivialAccessors: + Enabled: True + +Style/UnlessElse: + Enabled: True + +Style/VariableInterpolation: + Enabled: True + +Style/VariableName: + Enabled: True + +Style/WhileUntilDo: + Enabled: True + +Style/EvenOdd: + Enabled: True + +Style/FileName: + Enabled: True + +Style/For: + Enabled: True + +Style/Lambda: + Enabled: True + +Style/MethodName: + Enabled: True + +Style/MultilineTernaryOperator: + Enabled: True + +Style/NestedTernaryOperator: + Enabled: True + +Style/NilComparison: + Enabled: True + +Style/FormatString: + Enabled: True + +Style/MultilineBlockChain: + Enabled: True + +Style/Semicolon: + Enabled: True + +Style/SignalException: + Enabled: True + +Style/NonNilCheck: + Enabled: True + +Style/Not: + Enabled: True + +Style/NumericLiterals: + Enabled: True + +Style/OneLineConditional: + Enabled: True + +Style/OpMethod: + Enabled: True + +Style/ParenthesesAroundCondition: + Enabled: True + +Style/PercentLiteralDelimiters: + Enabled: True + +Style/PerlBackrefs: + Enabled: True + +Style/PredicateName: + Enabled: True + +Style/RedundantException: + Enabled: True + +Style/SelfAssignment: + Enabled: True + +Style/Proc: + Enabled: True + +Style/RaiseArgs: + Enabled: True + +Style/RedundantBegin: + Enabled: True + +Style/RescueModifier: + Enabled: True + +# based on https://github.com/voxpupuli/modulesync_config/issues/168 +Style/RegexpLiteral: + EnforcedStyle: percent_r + Enabled: True + +Lint/UnderscorePrefixedVariableName: + Enabled: True + +Metrics/ParameterLists: + Enabled: False + +Lint/RequireParentheses: + Enabled: True + +Style/ModuleFunction: + Enabled: True + +Lint/Debugger: + Enabled: True + +Style/IfWithSemicolon: + Enabled: True + +Style/Encoding: + Enabled: True + +Style/BlockDelimiters: + Enabled: True + +Layout/MultilineBlockLayout: + Enabled: True + +# 'Complexity' is very relative +Metrics/AbcSize: + Enabled: False + +# 'Complexity' is very relative +Metrics/PerceivedComplexity: + Enabled: False + +Lint/UselessAssignment: + Enabled: True + +Layout/ClosingParenthesisIndentation: + Enabled: True + +# RSpec + +RSpec/BeforeAfterAll: + Exclude: + - spec/acceptance/**/* + +# We don't use rspec in this way +RSpec/DescribeClass: + Enabled: False + +# Example length is not necessarily an indicator of code quality +RSpec/ExampleLength: + Enabled: False + +RSpec/NamedSubject: + Enabled: False + +# disabled for now since they cause a lot of issues +# these issues aren't easy to fix +RSpec/RepeatedDescription: + Enabled: False + +RSpec/NestedGroups: + Enabled: False + +# this is broken on ruby1.9 +Layout/IndentHeredoc: + Enabled: False + +# disable Yaml safe_load. This is needed to support ruby2.0.0 development envs +Security/YAMLLoad: + Enabled: false + +# This affects hiera interpolation, as well as some configs that we push. +Style/FormatStringToken: + Enabled: false + +# This is useful, but sometimes a little too picky about where unit tests files +# are located. +RSpec/FilePath: + Enabled: false + +RSpec/MessageSpies: + EnforcedStyle: receive diff --git a/.sync.yml b/.sync.yml index 8d4c9309e..015289a8a 100644 --- a/.sync.yml +++ b/.sync.yml @@ -1,5 +1,8 @@ +# the mongodb tests currently do not work on MongoDB 3.x or newer --- +.travis.yml: + secure: "TcZjuTP5ooDXZNRnG1M+wqmT/Lqcg8CwZfLljGlDSjDEN2siUhflHf9A81q5XL17oN4BkQtPmLvu7d/7xijUOiqDWXG9PC/Xr3QsTTmjtEo5l2Ne7jO+HrXO0Ron6LjEy47PeUWVQs7JcLRQL1SpxlNkt/Xe7oSoL10PmP2GYJc=" + docker_sets: + - set: centos7-64 appveyor.yml: delete: true -.github/workflows/ci.yml: - pidfile_workaround: CentOS,Ubuntu \ No newline at end of file diff --git a/.travis.yml b/.travis.yml new file mode 100644 index 000000000..0d531a3dd --- /dev/null +++ b/.travis.yml @@ -0,0 +1,55 @@ +--- +dist: bionic +language: ruby +cache: bundler +before_install: + - yes | gem update --system + - bundle --version +script: + - 'bundle exec rake $CHECK' +matrix: + fast_finish: true + include: + - rvm: 2.4.4 + bundler_args: --without system_tests development release + env: PUPPET_VERSION="~> 5.0" CHECK=test + - rvm: 2.5.3 + bundler_args: --without system_tests development release + env: PUPPET_VERSION="~> 6.0" CHECK=test_with_coveralls + - rvm: 2.5.3 + bundler_args: --without system_tests development release + env: PUPPET_VERSION="~> 6.0" CHECK=rubocop + - rvm: 2.4.4 + bundler_args: --without system_tests development release + env: PUPPET_VERSION="~> 5.0" CHECK=build DEPLOY_TO_FORGE=yes + - rvm: 2.5.3 + bundler_args: --without development release + env: PUPPET_INSTALL_TYPE=agent BEAKER_PUPPET_COLLECTION=puppet5 BEAKER_debug=true BEAKER_setfile=centos7-64 BEAKER_HYPERVISOR=docker CHECK=beaker + services: docker + - rvm: 2.5.3 + bundler_args: --without development release + env: PUPPET_INSTALL_TYPE=agent BEAKER_PUPPET_COLLECTION=puppet6 BEAKER_debug=true BEAKER_setfile=centos7-64 BEAKER_HYPERVISOR=docker CHECK=beaker + services: docker +branches: + only: + - master + - /^v\d/ +notifications: + email: false + webhooks: https://voxpupu.li/incoming/travis + irc: + on_success: always + on_failure: always + channels: + - "chat.freenode.org#voxpupuli-notifications" +deploy: + provider: puppetforge + user: puppet + password: + secure: "TcZjuTP5ooDXZNRnG1M+wqmT/Lqcg8CwZfLljGlDSjDEN2siUhflHf9A81q5XL17oN4BkQtPmLvu7d/7xijUOiqDWXG9PC/Xr3QsTTmjtEo5l2Ne7jO+HrXO0Ron6LjEy47PeUWVQs7JcLRQL1SpxlNkt/Xe7oSoL10PmP2GYJc=" + on: + tags: true + # all_branches is required to use tags + all_branches: true + # Only publish the build marked with "DEPLOY_TO_FORGE" + condition: "$DEPLOY_TO_FORGE = yes" diff --git a/CHANGELOG.md b/CHANGELOG.md index 44b7d5101..c88a6f553 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -4,78 +4,7 @@ All notable changes to this project will be documented in this file. Each new release typically also includes the latest modulesync defaults. These should not affect the functionality of the module. -## [v4.1.1](https://github.com/voxpupuli/puppet-mongodb/tree/v4.1.1) (2022-03-11) - -[Full Changelog](https://github.com/voxpupuli/puppet-mongodb/compare/v4.1.0...v4.1.1) - -**Fixed bugs:** - -- Do not manage the repository on RedHat when manage\_package\_repo is set to false [\#637](https://github.com/voxpupuli/puppet-mongodb/pull/637) ([fe80](https://github.com/fe80)) - -**Closed issues:** - -- `mongodb::repo` is always include for some family [\#636](https://github.com/voxpupuli/puppet-mongodb/issues/636) - -## [v4.1.0](https://github.com/voxpupuli/puppet-mongodb/tree/v4.1.0) (2021-10-28) - -[Full Changelog](https://github.com/voxpupuli/puppet-mongodb/compare/v4.0.0...v4.1.0) - -**Implemented enhancements:** - -- Add support for Suse Linux [\#624](https://github.com/voxpupuli/puppet-mongodb/pull/624) ([fbrehm](https://github.com/fbrehm)) -- Add mongo 5.0 debian / ubuntu apt key [\#615](https://github.com/voxpupuli/puppet-mongodb/pull/615) ([xepa](https://github.com/xepa)) - -**Fixed bugs:** - -- Run apt update before installing package [\#628](https://github.com/voxpupuli/puppet-mongodb/pull/628) ([malcyon](https://github.com/malcyon)) - -**Closed issues:** - -- Fails to install on Ubuntu 20.04 [\#627](https://github.com/voxpupuli/puppet-mongodb/issues/627) -- Missing key for Apt for installing 5.0 mongo [\#614](https://github.com/voxpupuli/puppet-mongodb/issues/614) -- Error: Could not prefetch mongodb\_replset provider 'mongo': 765: unexpected token at 'WARNING: \) is deprecated and may be removed in the next major release. Please use secondaryOk\(\) [\#612](https://github.com/voxpupuli/puppet-mongodb/issues/612) -- 4.x version. Initialization of replset and user creation problem. [\#583](https://github.com/voxpupuli/puppet-mongodb/issues/583) - -## [v4.0.0](https://github.com/voxpupuli/puppet-mongodb/tree/v4.0.0) (2021-09-03) - -[Full Changelog](https://github.com/voxpupuli/puppet-mongodb/compare/v3.1.0...v4.0.0) - -**Breaking changes:** - -- Drop Puppet 5/Add puppet 7 support [\#617](https://github.com/voxpupuli/puppet-mongodb/pull/617) ([root-expert](https://github.com/root-expert)) -- Drop Ubuntu 16/Add Ubuntu 20 support [\#616](https://github.com/voxpupuli/puppet-mongodb/pull/616) ([root-expert](https://github.com/root-expert)) - -**Implemented enhancements:** - -- Support managing selinux [\#413](https://github.com/voxpupuli/puppet-mongodb/issues/413) -- Add Debian 10 support [\#619](https://github.com/voxpupuli/puppet-mongodb/pull/619) ([root-expert](https://github.com/root-expert)) -- Use Puppet-Datatype Sensitive for Passwords [\#611](https://github.com/voxpupuli/puppet-mongodb/pull/611) ([cocker-cc](https://github.com/cocker-cc)) -- Change set\_parameter to be an array of strings [\#595](https://github.com/voxpupuli/puppet-mongodb/pull/595) ([ZloeSabo](https://github.com/ZloeSabo)) -- Use rs.secondaryOk on versions that deprecated rs.slaveOk [\#594](https://github.com/voxpupuli/puppet-mongodb/pull/594) ([svenbs](https://github.com/svenbs)) -- Add MongoDB 4.4 repository signing key. [\#592](https://github.com/voxpupuli/puppet-mongodb/pull/592) ([dhs-rec](https://github.com/dhs-rec)) - -**Fixed bugs:** - -- Existence of /root/.mongorc.js triggers mongod restart [\#449](https://github.com/voxpupuli/puppet-mongodb/issues/449) -- Fix MongoDB installation on RedHat family [\#606](https://github.com/voxpupuli/puppet-mongodb/pull/606) ([hdep](https://github.com/hdep)) -- Update mongodb-shard.conf.erb [\#591](https://github.com/voxpupuli/puppet-mongodb/pull/591) ([andreish](https://github.com/andreish)) -- Fix mongorc.js file when authentication is not enabled. [\#590](https://github.com/voxpupuli/puppet-mongodb/pull/590) ([vladpetrus](https://github.com/vladpetrus)) -- Fix digestPassword typo mongodb.rb [\#589](https://github.com/voxpupuli/puppet-mongodb/pull/589) ([covidium](https://github.com/covidium)) - -**Closed issues:** - -- MongoDB 4.2.10 starts to emit warnings about slaveOk\(\) being deprecated, which breaks the module [\#596](https://github.com/voxpupuli/puppet-mongodb/issues/596) -- Can't use mongodb repository on debian 9 [\#529](https://github.com/voxpupuli/puppet-mongodb/issues/529) - -**Merged pull requests:** - -- puppet-lint: fix top\_scope\_facts warnings [\#621](https://github.com/voxpupuli/puppet-mongodb/pull/621) ([bastelfreak](https://github.com/bastelfreak)) -- Allow stdlib 8.x and apt 8.x [\#620](https://github.com/voxpupuli/puppet-mongodb/pull/620) ([smortex](https://github.com/smortex)) -- modulesync 3.0.0 & puppet-lint updates [\#586](https://github.com/voxpupuli/puppet-mongodb/pull/586) ([bastelfreak](https://github.com/bastelfreak)) -- Describe disabling logpath to make syslog work [\#585](https://github.com/voxpupuli/puppet-mongodb/pull/585) ([lennartkoopmann](https://github.com/lennartkoopmann)) -- Use voxpupuli-acceptance [\#580](https://github.com/voxpupuli/puppet-mongodb/pull/580) ([ekohl](https://github.com/ekohl)) - -## [v3.1.0](https://github.com/voxpupuli/puppet-mongodb/tree/v3.1.0) (2020-02-11) +## [v3.1.0](https://github.com/voxpupuli/puppet-mongodb/tree/v3.1.0) (2020-02-10) [Full Changelog](https://github.com/voxpupuli/puppet-mongodb/compare/v3.0.0...v3.1.0) diff --git a/Dockerfile b/Dockerfile index e3cf307f1..6fd634227 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,7 +1,4 @@ -# MANAGED BY MODULESYNC -# https://voxpupuli.org/docs/updating-files-managed-with-modulesync/ - -FROM ruby:2.7 +FROM ruby:2.5.3 WORKDIR /opt/puppet diff --git a/Gemfile b/Gemfile index a39114ce3..50a903019 100644 --- a/Gemfile +++ b/Gemfile @@ -1,34 +1,85 @@ -# Managed by modulesync - DO NOT EDIT -# https://voxpupuli.org/docs/updating-files-managed-with-modulesync/ - source ENV['GEM_SOURCE'] || "https://rubygems.org" +def location_for(place, fake_version = nil) + if place =~ /^(git[:@][^#]*)#(.*)/ + [fake_version, { :git => $1, :branch => $2, :require => false }].compact + elsif place =~ /^file:\/\/(.*)/ + ['>= 0', { :path => File.expand_path($1), :require => false }] + else + [place, { :require => false }] + end +end + group :test do - gem 'voxpupuli-test', '~> 2.5', :require => false - gem 'coveralls', :require => false - gem 'simplecov-console', :require => false - gem 'puppet_metadata', '~> 1.0', :require => false + gem 'puppetlabs_spec_helper', '>= 2.14.0', :require => false + gem 'rspec-puppet-facts', '>= 1.9.5', :require => false + gem 'rspec-puppet-utils', :require => false + gem 'puppet-lint-leading_zero-check', :require => false + gem 'puppet-lint-trailing_comma-check', :require => false + gem 'puppet-lint-version_comparison-check', :require => false + gem 'puppet-lint-classes_and_types_beginning_with_digits-check', :require => false + gem 'puppet-lint-unquoted_string-check', :require => false + gem 'puppet-lint-variable_contains_upcase', :require => false + gem 'puppet-lint-absolute_classname-check', '>= 2.0.0', :require => false + gem 'puppet-lint-topscope-variable-check', :require => false + gem 'puppet-lint-legacy_facts-check', :require => false + gem 'puppet-lint-anchor-check', :require => false + gem 'metadata-json-lint', :require => false + gem 'redcarpet', :require => false + gem 'rubocop', '~> 0.49.1', :require => false + gem 'rubocop-rspec', '~> 1.15.0', :require => false + gem 'mocha', '~> 1.4.0', :require => false + gem 'coveralls', :require => false + gem 'simplecov-console', :require => false + gem 'parallel_tests', :require => false end group :development do + gem 'travis', :require => false + gem 'travis-lint', :require => false gem 'guard-rake', :require => false gem 'overcommit', '>= 0.39.1', :require => false end group :system_tests do - gem 'voxpupuli-acceptance', '~> 1.0', :require => false + gem 'winrm', :require => false + if beaker_version = ENV['BEAKER_VERSION'] + gem 'beaker', *location_for(beaker_version) + else + gem 'beaker', '>= 4.2.0', :require => false + end + if beaker_rspec_version = ENV['BEAKER_RSPEC_VERSION'] + gem 'beaker-rspec', *location_for(beaker_rspec_version) + else + gem 'beaker-rspec', :require => false + end + gem 'serverspec', :require => false + gem 'beaker-hostgenerator', '>= 1.1.22', :require => false + gem 'beaker-docker', :require => false + gem 'beaker-puppet', :require => false + gem 'beaker-puppet_install_helper', :require => false + gem 'beaker-module_install_helper', :require => false + gem 'rbnacl', '>= 4', :require => false + gem 'rbnacl-libsodium', :require => false + gem 'bcrypt_pbkdf', :require => false end group :release do - gem 'github_changelog_generator', '>= 1.16.1', :require => false if RUBY_VERSION >= '2.5' - gem 'voxpupuli-release', '>= 1.0.2', :require => false - gem 'puppet-strings', '>= 2.2', :require => false + gem 'github_changelog_generator', :require => false, :git => 'https://github.com/voxpupuli/github-changelog-generator', :branch => 'voxpupuli_essential_fixes' + gem 'puppet-blacksmith', :require => false + gem 'voxpupuli-release', :require => false + gem 'puppet-strings', '>= 2.2', :require => false end -gem 'rake', :require => false -gem 'facter', ENV['FACTER_GEM_VERSION'], :require => false, :groups => [:test] -puppetversion = ENV['PUPPET_VERSION'] || '>= 6.0' + +if facterversion = ENV['FACTER_GEM_VERSION'] + gem 'facter', facterversion.to_s, :require => false, :groups => [:test] +else + gem 'facter', :require => false, :groups => [:test] +end + +ENV['PUPPET_VERSION'].nil? ? puppetversion = '~> 6.0' : puppetversion = ENV['PUPPET_VERSION'].to_s gem 'puppet', puppetversion, :require => false, :groups => [:test] # vim: syntax=ruby diff --git a/Rakefile b/Rakefile index 80b799d63..c0f2d37da 100644 --- a/Rakefile +++ b/Rakefile @@ -1,30 +1,42 @@ -# Managed by modulesync - DO NOT EDIT -# https://voxpupuli.org/docs/updating-files-managed-with-modulesync/ +require 'puppetlabs_spec_helper/rake_tasks' -# Attempt to load voxupuli-test (which pulls in puppetlabs_spec_helper), -# otherwise attempt to load it directly. +# load optional tasks for releases +# only available if gem group releases is installed begin - require 'voxpupuli/test/rake' + require 'voxpupuli/release/rake_tasks' rescue LoadError - begin - require 'puppetlabs_spec_helper/rake_tasks' - rescue LoadError - end end -# load optional tasks for acceptance -# only available if gem group releases is installed -begin - require 'voxpupuli/acceptance/rake' -rescue LoadError +PuppetLint.configuration.log_format = '%{path}:%{line}:%{check}:%{KIND}:%{message}' + +desc 'Auto-correct puppet-lint offenses' +task 'lint:auto_correct' do + Rake::Task[:lint_fix].invoke end -# load optional tasks for releases -# only available if gem group releases is installed -begin - require 'voxpupuli/release/rake_tasks' -rescue LoadError +desc 'Run acceptance tests' +RSpec::Core::RakeTask.new(:acceptance) do |t| + t.pattern = 'spec/acceptance' +end + +desc 'Run tests' +task test: [:release_checks] + +namespace :check do + desc 'Check for trailing whitespace' + task :trailing_whitespace do + Dir.glob('**/*.md', File::FNM_DOTMATCH).sort.each do |filename| + next if filename =~ %r{^((modules|acceptance|\.?vendor|spec/fixtures|pkg)/|REFERENCE.md)} + File.foreach(filename).each_with_index do |line, index| + if line =~ %r{\s\n$} + puts "#{filename} has trailing whitespace on line #{index + 1}" + exit 1 + end + end + end + end end +Rake::Task[:release_checks].enhance ['check:trailing_whitespace'] desc "Run main 'test' task and report merged results to coveralls" task test_with_coveralls: [:test] do @@ -45,14 +57,15 @@ end begin require 'github_changelog_generator/task' - require 'puppet_blacksmith' GitHubChangelogGenerator::RakeTask.new :changelog do |config| - metadata = Blacksmith::Modulefile.new - config.future_release = "v#{metadata.version}" if metadata.version =~ /^\d+\.\d+.\d+$/ + version = (Blacksmith::Modulefile.new).version + config.future_release = "v#{version}" if version =~ /^\d+\.\d+.\d+$/ config.header = "# Changelog\n\nAll notable changes to this project will be documented in this file.\nEach new release typically also includes the latest modulesync defaults.\nThese should not affect the functionality of the module." config.exclude_labels = %w{duplicate question invalid wontfix wont-fix modulesync skip-changelog} config.user = 'voxpupuli' - config.project = metadata.metadata['name'] + metadata_json = File.join(File.dirname(__FILE__), 'metadata.json') + metadata = JSON.load(File.read(metadata_json)) + config.project = metadata['name'] end # Workaround for https://github.com/github-changelog-generator/github-changelog-generator/issues/715 diff --git a/examples/sharding.pp b/examples/sharding.pp index 4f7d918b6..0d7986d43 100644 --- a/examples/sharding.pp +++ b/examples/sharding.pp @@ -1,51 +1,56 @@ node 'mongos' { - class { 'mongodb::globals': + + class {'mongodb::globals': manage_package_repo => true, } - -> class { 'mongodb::server': + -> class {'mongodb::server': configsvr => true, bind_ip => [$facts['networking']['ip']], } - -> class { 'mongodb::client': } - -> class { 'mongodb::mongos': + -> class {'mongodb::client': } + -> class {'mongodb::mongos': configdb => ["${facts['networking']['ip']}:27019"], } -> mongodb_shard { 'rs1' : member => 'rs1/mongod1:27018', keys => [{ - 'rs1.foo' => { - 'name' => 1, - } + 'rs1.foo' => { + 'name' => 1, + } }], } + } node 'mongod1' { - class { 'mongodb::globals': + + class {'mongodb::globals': manage_package_repo => true, } - -> class { 'mongodb::server': + -> class {'mongodb::server': shardsvr => true, replset => 'rs1', bind_ip => [$facts['networking']['ip']], } - -> class { 'mongodb::client': } - mongodb_replset { 'rs1': + -> class {'mongodb::client': } + mongodb_replset{'rs1': members => ['mongod1:27018', 'mongod2:27018'], } } node 'mongod2' { - class { 'mongodb::globals': + + class {'mongodb::globals': manage_package_repo => true, } - -> class { 'mongodb::server': + -> class {'mongodb::server': shardsvr => true, replset => 'rs1', bind_ip => [$facts['networking']['ip']], } - -> class { 'mongodb::client': } - mongodb_replset { 'rs1': + -> class {'mongodb::client': } + mongodb_replset{'rs1': members => ['mongod1:27018', 'mongod2:27018'], } + } diff --git a/lib/puppet/functions/mongodb_password.rb b/lib/puppet/functions/mongodb_password.rb index 1f195b94a..d5c08716e 100644 --- a/lib/puppet/functions/mongodb_password.rb +++ b/lib/puppet/functions/mongodb_password.rb @@ -3,19 +3,12 @@ # Get the mongodb password hash from the clear text password. Puppet::Functions.create_function(:mongodb_password) do dispatch :mongodb_password do - required_param 'String[1]', :username - required_param 'Variant[String[1], Sensitive[String[1]]]', :password - optional_param 'Boolean', :sensitive - return_type 'Variant[String, Sensitive[String]]' + param 'String[1]', :username + param 'String[1]', :password + return_type 'String' end - def mongodb_password(username, password, sensitive = false) - password = password.unwrap if password.respond_to?(:unwrap) - result_string = Puppet::Util::MongodbMd5er.md5(username, password) - if sensitive - Puppet::Pops::Types::PSensitiveType::Sensitive.new(result_string) - else - result_string - end + def mongodb_password(username, password) + Puppet::Util::MongodbMd5er.md5(username, password) end end diff --git a/lib/puppet/provider/mongodb.rb b/lib/puppet/provider/mongodb.rb index 396ccf791..56919be77 100644 --- a/lib/puppet/provider/mongodb.rb +++ b/lib/puppet/provider/mongodb.rb @@ -111,7 +111,7 @@ def self.db_ismaster cmd_ismaster = 'db.isMaster().ismaster' cmd_ismaster = mongorc_file + cmd_ismaster if mongorc_file db = 'admin' - res = mongo_cmd(db, conn_string, cmd_ismaster).to_s.split(%r{\n}).last.chomp + res = mongo_cmd(db, conn_string, cmd_ismaster).to_s.chomp res.eql?('true') end @@ -183,13 +183,4 @@ def self.mongo_4? def mongo_4? self.class.mongo_4? end - - def self.mongo_5? - v = mongo_version - !v[%r{^5\.}].nil? - end - - def mongo_5? - self.class.mongo_5? - end end diff --git a/lib/puppet/provider/mongodb_replset/mongo.rb b/lib/puppet/provider/mongodb_replset/mongo.rb index ef403851d..da5bc9e71 100644 --- a/lib/puppet/provider/mongodb_replset/mongo.rb +++ b/lib/puppet/provider/mongodb_replset/mongo.rb @@ -162,8 +162,8 @@ def get_hosts_status(members) alive.push(member) end - if status.key?('errmsg') && (status['errmsg'].include?('no replset config has been received')) - Puppet.info 'Mongo v4 rs.status() RS not initialized output' + if status.key?('errmsg') && status['errmsg'].include?('no replset config has been received') + Puppet.debug 'Mongo v4 rs.status() RS not initialized output' alive.push(member) end @@ -183,6 +183,7 @@ def get_hosts_status(members) Puppet.warning "Can't connect to replicaset member #{host}." end end + alive.uniq! dead = members - alive [alive, dead] end @@ -212,7 +213,7 @@ def get_members_changes(current_members_conf, new_members_conf) add_members.push(nm) end - [add_members, remove_members, update_members] + [add_members.uniq, remove_members.uniq, update_members.uniq] end def get_replset_settings_changes(current_settings, new_settings) diff --git a/lib/puppet/provider/mongodb_user/mongodb.rb b/lib/puppet/provider/mongodb_user/mongodb.rb index 3e4065dac..b86beb694 100644 --- a/lib/puppet/provider/mongodb_user/mongodb.rb +++ b/lib/puppet/provider/mongodb_user/mongodb.rb @@ -8,15 +8,7 @@ def self.instances require 'json' if db_ismaster - script = 'printjson(db.system.users.find().toArray())' - # A hack to prevent prefetching failures until admin user is created - script = "try {#{script}} catch (e) { if (e.message.match(/not authorized on admin/)) { 'not authorized on admin' } else {throw e}}" if auth_enabled - - out = mongo_eval(script) - - return [] if auth_enabled && out.include?('not authorized on admin') - - users = JSON.parse out + users = JSON.parse mongo_eval('printjson(db.system.users.find().toArray())') users.map do |user| new(name: user['_id'], @@ -61,7 +53,7 @@ def create digestPassword: false } - if mongo_4? || mongo_5? + if mongo_4? # SCRAM-SHA-256 requires digestPassword to be true. command[:mechanisms] = ['SCRAM-SHA-1'] end @@ -109,7 +101,7 @@ def password=(value) command = { updateUser: @resource[:username], pwd: @resource[:password], - digestPassword: true + digestpassword: true } mongo_eval("db.runCommand(#{command.to_json})", @resource[:database]) diff --git a/manifests/client/params.pp b/manifests/client/params.pp index bbc4d07ea..2ce3024bd 100644 --- a/manifests/client/params.pp +++ b/manifests/client/params.pp @@ -8,7 +8,6 @@ } else { $package_name = $facts['os']['family'] ? { 'Debian' => 'mongodb-clients', - 'Redhat' => "mongodb-${mongodb::globals::edition}-shell", default => 'mongodb', } } diff --git a/manifests/db.pp b/manifests/db.pp index 2f7f38d6f..e2074292c 100644 --- a/manifests/db.pp +++ b/manifests/db.pp @@ -12,22 +12,21 @@ # tries (default: 10) - The maximum amount of two second tries to wait MongoDB startup. # define mongodb::db ( - String $user, - String $db_name = $name, - Optional[Variant[String[1], Sensitive[String[1]]]] $password_hash = undef, - Optional[Variant[String[1], Sensitive[String[1]]]] $password = undef, - Array[String] $roles = ['dbAdmin'], - Integer[0] $tries = 10, + String $user, + String $db_name = $name, + Optional[String] $password_hash = undef, + Optional[String] $password = undef, + Array[String] $roles = ['dbAdmin'], + Integer[0] $tries = 10, ) { + unless $facts['mongodb_is_master'] == 'false' { # lint:ignore:quoted_booleans mongodb_database { $db_name: ensure => present, tries => $tries, } - if $password_hash =~ Sensitive[String] { - $hash = $password_hash.unwrap - } elsif $password_hash { + if $password_hash { $hash = $password_hash } elsif $password { $hash = mongodb_password($user, $password) diff --git a/manifests/globals.pp b/manifests/globals.pp index 81dd33e0c..9443a5e0a 100644 --- a/manifests/globals.pp +++ b/manifests/globals.pp @@ -42,6 +42,12 @@ $edition = 'org' } + if $use_enterprise_repo { + $edition = 'enterprise' + } else { + $edition = 'org' + } + # Setup of the repo only makes sense globally, so we are doing it here. case $facts['os']['family'] { 'RedHat', 'Linux', 'Suse': { diff --git a/manifests/mongos.pp b/manifests/mongos.pp index f73a634ca..edc6a6a8e 100644 --- a/manifests/mongos.pp +++ b/manifests/mongos.pp @@ -8,7 +8,6 @@ Boolean $service_manage = $mongodb::mongos::params::service_manage, Optional[String] $service_provider = $mongodb::mongos::params::service_provider, Optional[String] $service_name = $mongodb::mongos::params::service_name, - Optional[String[1]] $service_template = $mongodb::mongos::params::service_template, Boolean $service_enable = $mongodb::mongos::params::service_enable, Stdlib::Ensure::Service $service_ensure = $mongodb::mongos::params::service_ensure, Optional[String] $service_status = $mongodb::mongos::params::service_status, @@ -39,4 +38,5 @@ } else { Class['mongodb::mongos::service'] -> Class['mongodb::mongos::config'] -> Class['mongodb::mongos::install'] } + } diff --git a/manifests/mongos/config.pp b/manifests/mongos/config.pp index cff260155..7392ddde0 100644 --- a/manifests/mongos/config.pp +++ b/manifests/mongos/config.pp @@ -38,7 +38,7 @@ } if $service_manage { - if $facts['os']['family'] == 'RedHat' or $facts['os']['family'] == 'Suse' { + if $facts['os']['family'] == 'RedHat' { file { '/etc/sysconfig/mongos' : ensure => $ensure, owner => 'root', diff --git a/manifests/mongos/install.pp b/manifests/mongos/install.pp index ac480db2f..82d8204d6 100644 --- a/manifests/mongos/install.pp +++ b/manifests/mongos/install.pp @@ -3,17 +3,13 @@ $package_ensure = $mongodb::mongos::package_ensure, $package_name = $mongodb::mongos::package_name, ) { - if $facts['os']['family'] == 'Suse' and $package_ensure == 'purged' { - $_package_ensure = 'absent' - } else { - $_package_ensure = $package_ensure - } unless defined(Package[$package_name]) { package { 'mongodb_mongos': - ensure => $_package_ensure, + ensure => $package_ensure, name => $package_name, tag => 'mongodb_package', } } + } diff --git a/manifests/mongos/service.pp b/manifests/mongos/service.pp index 3dc2c13e7..2e8e2b327 100644 --- a/manifests/mongos/service.pp +++ b/manifests/mongos/service.pp @@ -9,8 +9,8 @@ $service_provider = $mongodb::mongos::service_provider, $bind_ip = $mongodb::mongos::bind_ip, $port = $mongodb::mongos::port, - $service_template = $mongodb::mongos::service_template, ) { + if $package_ensure in ['absent', 'purged'] { $real_service_ensure = 'stopped' $real_service_enable = false @@ -26,13 +26,6 @@ } if $service_manage { - if $facts['os']['family'] == 'RedHat' { - systemd::unit_file { 'mongos.service': - content => epp($service_template), - enable => $real_service_enable, - } ~> Service['mongos'] - } - service { 'mongos': ensure => $real_service_ensure, name => $service_name, @@ -50,4 +43,5 @@ } } } + } diff --git a/manifests/opsmanager.pp b/manifests/opsmanager.pp index 7844b5409..8d65b7166 100644 --- a/manifests/opsmanager.pp +++ b/manifests/opsmanager.pp @@ -55,6 +55,7 @@ Optional[Integer] $snapshot_monthly_retention = undef, # Default: 1 Optional[Integer] $versions_directory = undef, # Linux default: /opt/mongodb/mms/mongodb-releases/ ) { + case $package_ensure { 'absent': { $my_package_ensure = 'absent' diff --git a/manifests/params.pp b/manifests/params.pp index 806a5059e..e9074af35 100644 --- a/manifests/params.pp +++ b/manifests/params.pp @@ -18,7 +18,7 @@ ] $handle_creds = true $store_creds = false - $rcfile = "${facts['root_home']}/.mongorc.js" + $rcfile = "${::root_home}/.mongorc.js" $dbpath_fix = false $manage_package = pick($mongodb::globals::manage_package, $mongodb::globals::manage_package_repo, false) @@ -40,9 +40,17 @@ # Amazon Linux's OS Family is 'Linux', operating system 'Amazon'. case $facts['os']['family'] { 'RedHat', 'Linux', 'Suse': { - $user = pick($mongodb::globals::user, 'mongod') - $group = pick($mongodb::globals::group, 'mongod') - $server_package_name = pick($mongodb::globals::server_package_name, "mongodb-${mongodb::globals::edition}-server") + if $manage_package { + $user = pick($mongodb::globals::user, 'mongod') + $group = pick($mongodb::globals::group, 'mongod') + $server_package_name = pick($mongodb::globals::server_package_name, "mongodb-${mongodb::globals::edition}-server") + } else { + # RedHat/CentOS doesn't come with a prepacked mongodb + # so we assume that you are using EPEL repository. + $user = pick($mongodb::globals::user, 'mongodb') + $group = pick($mongodb::globals::group, 'mongodb') + $server_package_name = pick($mongodb::globals::server_package_name, 'mongodb-server') + } $service_name = pick($mongodb::globals::service_name, 'mongod') $logpath = '/var/log/mongodb/mongod.log' diff --git a/manifests/repo.pp b/manifests/repo.pp index c6f52049d..bf303dc72 100644 --- a/manifests/repo.pp +++ b/manifests/repo.pp @@ -30,21 +30,6 @@ contain mongodb::repo::yum } - 'Suse': { - if $repo_location { - $location = $repo_location - $description = 'MongoDB Custom Repository' - } elsif $version == undef or versioncmp($version, '3.2.0') < 0 { - fail('Package repositories for versions older than 3.2 are unsupported') - } else { - $mongover = split($version, '[.]') - $location = "https://repo.mongodb.org/zypper/suse/\$releasever_major/mongodb-org/${mongover[0]}.${mongover[1]}/\$basearch/" - $description = 'MongoDB Repository' - } - - contain mongodb::repo::zypper - } - 'Debian': { if $repo_location != undef { $location = $repo_location @@ -72,8 +57,6 @@ default => undef } $key = "${mongover[0]}.${mongover[1]}" ? { - '5.0' => 'F5679A222C647C87527C2F8CB00A0BD1E2C63C11', - '4.4' => '20691EEC35216C63CAF66CE1656408E390CFB1F5', '4.2' => 'E162F504A20CDF15827F718D4B7C549A058F8B6B', '4.0' => '9DA31620334BD75D9DCB49F368818C72E52529D4', '3.6' => '2930ADAE8CAF5059EE73BB4B58712A2291FA4AD5', @@ -89,7 +72,7 @@ default: { if($ensure == 'present' or $ensure == true) { - fail("Unsupported managed repository for osfamily: ${facts['os']['family']}, operatingsystem: ${facts['os']['name']}, module ${module_name} currently only supports managing repos for osfamily RedHat, Suse, Debian and Ubuntu") + fail("Unsupported managed repository for osfamily: ${facts['os']['family']}, operatingsystem: ${facts['os']['name']}, module ${module_name} currently only supports managing repos for osfamily RedHat, Debian and Ubuntu") } } } diff --git a/manifests/repo/apt.pp b/manifests/repo/apt.pp index ff567c9f1..9a21843bd 100644 --- a/manifests/repo/apt.pp +++ b/manifests/repo/apt.pp @@ -17,7 +17,7 @@ }, } - Apt::Source['mongodb'] -> Class['apt::update'] -> Package<| tag == 'mongodb_package' |> + Apt::Source['mongodb'] -> Package<| tag == 'mongodb_package' |> } else { apt::source { 'mongodb': diff --git a/manifests/server/install.pp b/manifests/server/install.pp index b40502ada..df801d923 100644 --- a/manifests/server/install.pp +++ b/manifests/server/install.pp @@ -26,11 +26,9 @@ } } - unless defined(Package[$package_name]) { - package { 'mongodb_server': - ensure => $my_package_ensure, - name => $package_name, - tag => 'mongodb_package', - } + package { 'mongodb_server': + ensure => $my_package_ensure, + name => $package_name, + tag => 'mongodb_package', } } diff --git a/metadata.json b/metadata.json index 6dade4bc9..540b5daa7 100644 --- a/metadata.json +++ b/metadata.json @@ -1,6 +1,6 @@ { "name": "puppet-mongodb", - "version": "4.1.2-rc0", + "version": "3.1.0", "author": "Vox Pupuli", "summary": "Installs MongoDB on RHEL/Ubuntu/Debian.", "license": "Apache-2.0", @@ -23,47 +23,31 @@ { "operatingsystem": "Debian", "operatingsystemrelease": [ - "9", - "10" + "9" ] }, { "operatingsystem": "Ubuntu", "operatingsystemrelease": [ - "18.04", - "20.04" - ] - }, - { - "operatingsystem": "SLES", - "operatingsystemrelease": [ - "12", - "15" + "16.04", + "18.04" ] } ], "requirements": [ { "name": "puppet", - "version_requirement": ">= 6.1.0 < 8.0.0" + "version_requirement": ">= 5.5.8 < 7.0.0" } ], "dependencies": [ { "name": "puppetlabs/apt", - "version_requirement": ">= 2.1.0 < 9.0.0" + "version_requirement": ">= 2.1.0 < 8.0.0" }, { "name": "puppetlabs/stdlib", - "version_requirement": ">= 4.25.0 < 9.0.0" - }, - { - "name": "puppet/systemd", - "version_requirement": ">= 2.5.1 < 4.0.0" - }, - { - "name": "puppet/zypprepo", - "version_requirement": ">= 4.0.1 < 6.0.0" + "version_requirement": ">= 4.25.0 < 7.0.0" } ] } diff --git a/spec/acceptance/mongos_spec.rb b/spec/acceptance/mongos_spec.rb index cb17200dc..321241d35 100644 --- a/spec/acceptance/mongos_spec.rb +++ b/spec/acceptance/mongos_spec.rb @@ -1,31 +1,21 @@ require 'spec_helper_acceptance' describe 'mongodb::mongos class' do - case fact('osfamily') - when 'Debian' - package_name = if fact('os.distro.codename') =~ %r{^(buster|bullseye)$} - 'mongodb-org-server' - else - 'mongodb-server' - end - config_file = '/etc/mongodb-shard.conf' - else - package_name = 'mongodb-org-server' - config_file = '/etc/mongos.conf' - end + config_file = if fact('osfamily') == 'RedHat' + '/etc/mongos.conf' + else + '/etc/mongodb-shard.conf' + end describe 'installation' do it 'works with no errors' do pp = <<-EOS class { 'mongodb::server': configsvr => true, - replset => 'test', - replset_members => ['127.0.0.1:27019'], - port => 27019, } -> class { 'mongodb::client': } -> class { 'mongodb::mongos': - configdb => ['test/127.0.0.1:27019'], + configdb => ['127.0.0.1:27019'], } EOS @@ -33,7 +23,7 @@ class { 'mongodb::server': apply_manifest(pp, catch_changes: true) end - describe package(package_name) do + describe package('mongodb-server') do it { is_expected.to be_installed } end @@ -62,10 +52,7 @@ class { 'mongodb::server': describe 'uninstalling' do it 'uninstalls mongodb' do pp = <<-EOS - class { 'mongodb::mongos': - package_ensure => 'purged', - } - -> class { 'mongodb::server': + class { 'mongodb::server': ensure => absent, package_ensure => absent, service_ensure => stopped, @@ -74,12 +61,15 @@ class { 'mongodb::mongos': -> class { 'mongodb::client': ensure => absent, } + -> class { 'mongodb::mongos': + package_ensure => 'purged', + } EOS apply_manifest(pp, catch_failures: true) apply_manifest(pp, catch_changes: true) end - describe package(package_name) do + describe package('mongodb-server') do it { is_expected.not_to be_installed } end diff --git a/spec/acceptance/server_spec.rb b/spec/acceptance/server_spec.rb index 4c8f69bf2..6548a6620 100644 --- a/spec/acceptance/server_spec.rb +++ b/spec/acceptance/server_spec.rb @@ -3,25 +3,11 @@ describe 'mongodb::server class' do case fact('osfamily') when 'Debian' - config_file = if fact('os.distro.codename') =~ %r{^(buster)$} - '/etc/mongod.conf' - else - '/etc/mongodb.conf' - end - service_name = if fact('os.distro.codename') =~ %r{^(buster)$} - 'mongod' - else - 'mongodb' - end - package_name = if fact('os.distro.codename') =~ %r{^(buster)$} - 'mongodb-org-server' - else - 'mongodb-server' - end + config_file = '/etc/mongodb.conf' + service_name = 'mongodb' else config_file = '/etc/mongod.conf' service_name = 'mongod' - package_name = 'mongodb-org-server' end describe 'installation' do @@ -35,7 +21,7 @@ class { 'mongodb::server': } apply_manifest(pp, catch_changes: true) end - describe package(package_name) do + describe package('mongodb-server') do it { is_expected.to be_installed } end @@ -70,7 +56,7 @@ class { 'mongodb::server': apply_manifest(pp, catch_changes: true) end - describe package(package_name) do + describe package('mongodb-server') do it { is_expected.to be_installed } end @@ -97,30 +83,19 @@ class { 'mongodb::server': pp = <<-EOS class { 'mongodb::server': auth => true, - create_admin => false, - handle_creds => true, + create_admin => true, store_creds => true, admin_username => 'admin', - admin_password => 'password', - restart => true, - set_parameter => ['enableLocalhostAuthBypass: true'] + admin_password => 'password' } class { 'mongodb::client': } - - mongodb_user { "User admin on db admin": - ensure => present, - password_hash => mongodb_password('admin', 'password'), - username => 'admin', - database => 'admin', - roles => ['dbAdmin', 'userAdminAnyDatabase'], - } EOS apply_manifest(pp, catch_failures: true) apply_manifest(pp, catch_changes: true) end - describe package(package_name) do + describe package('mongodb-server') do it { is_expected.to be_installed } end @@ -174,7 +149,7 @@ class { 'mongodb::server': apply_manifest(pp, catch_changes: true) end - describe package(package_name) do + describe package('mongodb-server') do it { is_expected.not_to be_installed } end diff --git a/spec/classes/client_spec.rb b/spec/classes/client_spec.rb index 48f49defe..195eb1263 100644 --- a/spec/classes/client_spec.rb +++ b/spec/classes/client_spec.rb @@ -7,11 +7,7 @@ context 'with defaults' do it { is_expected.to compile.with_all_deps } - if facts[:os]['release']['major'] =~ %r{(10)} - it { is_expected.to create_package('mongodb_client').with_ensure('4.4.8') } - else - it { is_expected.to create_package('mongodb_client').with_ensure('present') } - end + it { is_expected.to create_package('mongodb_client').with_ensure('present') } end context 'with manage_package' do @@ -20,11 +16,7 @@ end it { is_expected.to compile.with_all_deps } - if facts[:os]['release']['major'] =~ %r{(10)} - it { is_expected.to create_package('mongodb_client').with_ensure('4.4.8').with_name('mongodb-org-shell').with_tag('mongodb_package') } - else - it { is_expected.to create_package('mongodb_client').with_ensure('present').with_name('mongodb-org-shell').with_tag('mongodb_package') } - end + it { is_expected.to create_package('mongodb_client').with_ensure('present').with_name('mongodb-org-shell').with_tag('mongodb_package') } end end end diff --git a/spec/classes/mongos_spec.rb b/spec/classes/mongos_spec.rb index 3102fb4d9..1cf654c24 100644 --- a/spec/classes/mongos_spec.rb +++ b/spec/classes/mongos_spec.rb @@ -5,17 +5,12 @@ context "on #{os}" do let(:facts) { facts } - case facts[:os]['family'] - when 'Debian' - package_name = if facts[:os]['release']['major'] =~ %r{(10)} - 'mongodb-org-mongos' - else - 'mongodb-server' - end - config_file = '/etc/mongodb-shard.conf' - else - package_name = 'mongodb-org-mongos' - config_file = '/etc/mongos.conf' + let(:config_file) do + if facts[:osfamily] == 'RedHat' + '/etc/mongos.conf' + else + '/etc/mongodb-shard.conf' + end end context 'with defaults' do @@ -23,17 +18,13 @@ # install it { is_expected.to contain_class('mongodb::mongos::install') } - if facts[:os]['release']['major'] =~ %r{(10)} - it { is_expected.to contain_package('mongodb_mongos').with_ensure('4.4.8').with_name(package_name).with_tag('mongodb_package') } - else - it { is_expected.to contain_package('mongodb_mongos').with_ensure('present').with_name(package_name).with_tag('mongodb_package') } - end + it { is_expected.to contain_package('mongodb_mongos').with_ensure('present').with_name('mongodb-server').with_tag('mongodb_package') } # config it { is_expected.to contain_class('mongodb::mongos::config') } case facts[:osfamily] - when 'RedHat', 'Suse' + when 'RedHat' expected_content = <<-CONFIG configdb = 127.0.0.1:27019 fork = true @@ -54,7 +45,7 @@ # service it { is_expected.to contain_class('mongodb::mongos::service') } - if facts[:osfamily] == 'RedHat' || facts[:osfamily] == 'Suse' + if facts[:osfamily] == 'RedHat' it { is_expected.to contain_file('/etc/sysconfig/mongos') } else it { is_expected.not_to contain_file('/etc/sysconfig/mongos') } @@ -69,16 +60,6 @@ it { is_expected.to contain_service('mongos') } end - describe 'with specific bind_ip values' do - let :params do - { - bind_ip: ['127.0.0.1', '10.1.1.13'] - } - end - - it { is_expected.to contain_file(config_file).with_content(%r{^bind_ip = 127\.0\.0\.1\,10\.1\.1\.13$}) } - end - context 'package_name => mongo-foo' do let(:params) do { @@ -87,12 +68,7 @@ end it { is_expected.to compile.with_all_deps } - - if facts[:os]['release']['major'] =~ %r{(10)} - it { is_expected.to contain_package('mongodb_mongos').with_name('mongo-foo').with_ensure('4.4.8').with_tag('mongodb_package') } - else - it { is_expected.to contain_package('mongodb_mongos').with_name('mongo-foo').with_ensure('present').with_tag('mongodb_package') } - end + it { is_expected.to contain_package('mongodb_mongos').with_name('mongo-foo').with_ensure('present').with_tag('mongodb_package') } end context 'service_manage => false' do @@ -119,23 +95,19 @@ # install it { is_expected.to contain_class('mongodb::mongos::install') } - if facts[:osfamily] == 'Suse' - it { is_expected.to contain_package('mongodb_mongos').with_ensure('absent') } - else - it { is_expected.to contain_package('mongodb_mongos').with_ensure('purged') } - end + it { is_expected.to contain_package('mongodb_mongos').with_ensure('purged') } # config it { is_expected.to contain_class('mongodb::mongos::config') } case facts[:osfamily] - when 'RedHat', 'Suse' + when 'RedHat' it { is_expected.to contain_file('/etc/mongos.conf').with_ensure('absent') } when 'Debian' it { is_expected.to contain_file('/etc/mongodb-shard.conf').with_ensure('absent') } end - if facts[:osfamily] == 'RedHat' || facts[:osfamily] == 'Suse' + if facts[:osfamily] == 'RedHat' it { is_expected.to contain_file('/etc/sysconfig/mongos').with_ensure('absent') } else it { is_expected.not_to contain_file('/etc/sysconfig/mongos') } @@ -160,6 +132,6 @@ { osfamily: 'Solaris' } end - it { is_expected.to compile.and_raise_error(%r{is not applicable to an Undef Value}) } + it { expect { is_expected.to raise_error(Puppet::Error) } } end end diff --git a/spec/classes/repo_spec.rb b/spec/classes/repo_spec.rb index fdbec0f2b..baab14b6d 100644 --- a/spec/classes/repo_spec.rb +++ b/spec/classes/repo_spec.rb @@ -25,12 +25,6 @@ is_expected.to contain_yumrepo('mongodb'). with_baseurl('https://repo.mongodb.org/yum/redhat/$releasever/mongodb-org/3.6/$basearch/') end - when 'Suse' - it { is_expected.to contain_class('mongodb::repo::zypper') } - it do - is_expected.to contain_zypprepo('mongodb'). - with_baseurl('https://repo.mongodb.org/zypper/suse/$releasever_major/mongodb-org/3.6/$basearch/') - end when 'Debian' it { is_expected.to contain_class('mongodb::repo::apt') } case facts[:operatingsystem] @@ -72,8 +66,6 @@ with_proxy_username('proxyuser1'). with_proxy_password('proxypassword1') end - when 'Suse' - it { is_expected.to contain_class('mongodb::repo::zypper') } when 'Debian' it { is_expected.to contain_class('mongodb::repo::apt') } else diff --git a/spec/classes/server_spec.rb b/spec/classes/server_spec.rb index 97de34673..ffeab1355 100644 --- a/spec/classes/server_spec.rb +++ b/spec/classes/server_spec.rb @@ -20,11 +20,7 @@ let(:config_file) do if facts[:os]['family'] == 'Debian' - if facts[:os]['release']['major'] =~ %r{(10)} - '/etc/mongod.conf' - else - '/etc/mongodb.conf' - end + '/etc/mongodb.conf' else '/etc/mongod.conf' end @@ -41,13 +37,7 @@ describe 'with defaults' do it_behaves_like 'server classes' - if facts[:os]['family'] == 'RedHat' || facts[:os]['family'] == 'Suse' - it { is_expected.to contain_package('mongodb_server').with_ensure('present').with_name('mongodb-org-server').with_tag('mongodb_package') } - elsif facts[:os]['release']['major'] =~ %r{(10)} - it { is_expected.to contain_package('mongodb_server').with_ensure('4.4.8').with_name('mongodb-org-server').with_tag('mongodb_package') } - else - it { is_expected.to contain_package('mongodb_server').with_ensure('present').with_name('mongodb-server').with_tag('mongodb_package') } - end + it { is_expected.to contain_package('mongodb_server').with_ensure('present').with_name('mongodb-server').with_tag('mongodb_package') } it do is_expected.to contain_file(config_file). @@ -66,7 +56,7 @@ it { is_expected.to contain_file(config_file).with_content(%r{^ fork: true$}) } end - it { is_expected.to contain_file('/root/.mongorc.js').with_ensure('file').without_content(%r{db\.auth}) } + it { is_expected.to contain_file('/root/.mongorc.js').with_ensure('absent') } it { is_expected.not_to contain_exec('fix dbpath permissions') } end @@ -162,24 +152,14 @@ it { is_expected.to contain_file('/root/.mongorc.js') } end - describe 'when specifying set_parameter array value' do - let :params do - { - set_parameter: ['textSearchEnable=true'] - } - end - - it { is_expected.to contain_file(config_file).with_content(%r{^setParameter:\n textSearchEnable=true}) } - end - - describe 'when specifying set_parameter string value' do + describe 'when specifying set_parameter value' do let :params do { set_parameter: 'textSearchEnable=true' } end - it { is_expected.to contain_file(config_file).with_content(%r{^setParameter:\n textSearchEnable=true}) } + it { is_expected.to contain_file(config_file).with_content(%r{^setParameter: textSearchEnable=true}) } end describe 'with journal:' do @@ -257,7 +237,7 @@ it { is_expected.to contain_file('/root/.mongorc.js'). - with_ensure('file'). + with_ensure('present'). with_owner('root'). with_group('root'). with_mode('0600'). @@ -272,7 +252,7 @@ } end - it { is_expected.to contain_file('/root/.mongorc.js').with_ensure('file').without_content(%r{db\.auth}) } + it { is_expected.to contain_file('/root/.mongorc.js').with_ensure('absent') } end end @@ -378,7 +358,7 @@ let(:rsConf) do { 'rsTest' => { - 'ensure' => 'present', + 'ensure' => 'present', 'members' => [ 'mongo1:27017', 'mongo2:27017', diff --git a/spec/functions/mongodb_password_spec.rb b/spec/functions/mongodb_password_spec.rb index cab2a8e7b..e21bff8f2 100644 --- a/spec/functions/mongodb_password_spec.rb +++ b/spec/functions/mongodb_password_spec.rb @@ -6,7 +6,4 @@ it { is_expected.to run.with_params(:undef, :undef).and_raise_error(ArgumentError) } it { is_expected.to run.with_params('', '').and_raise_error(ArgumentError) } it { is_expected.to run.with_params('user', 'pass').and_return('e0c4a7b97d4db31f5014e9694e567d6b') } - it { is_expected.to run.with_params('user', sensitive('pass')).and_return('e0c4a7b97d4db31f5014e9694e567d6b') } - it { is_expected.to run.with_params('user', sensitive('pass'), true) } - it { expect(subject.execute('user', sensitive('pass'), true).unwrap).to eq('e0c4a7b97d4db31f5014e9694e567d6b') } end diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb index fb5f0cbea..618e24f5a 100644 --- a/spec/spec_helper.rb +++ b/spec/spec_helper.rb @@ -1,17 +1,65 @@ -# Managed by modulesync - DO NOT EDIT -# https://voxpupuli.org/docs/updating-files-managed-with-modulesync/ +# This file is managed via modulesync +# https://github.com/voxpupuli/modulesync +# https://github.com/voxpupuli/modulesync_config +RSpec.configure do |c| + c.mock_with :rspec +end -# puppetlabs_spec_helper will set up coverage if the env variable is set. -# We want to do this if lib exists and it hasn't been explicitly set. -ENV['COVERAGE'] ||= 'yes' if Dir.exist?(File.expand_path('../../lib', __FILE__)) +require 'puppetlabs_spec_helper/module_spec_helper' +require 'rspec-puppet-facts' +require 'bundler' +include RspecPuppetFacts -require 'voxpupuli/test/spec_helper' +if ENV['DEBUG'] + Puppet::Util::Log.level = :debug + Puppet::Util::Log.newdestination(:console) +end if File.exist?(File.join(__dir__, 'default_module_facts.yml')) - facts = YAML.safe_load(File.read(File.join(__dir__, 'default_module_facts.yml'))) + facts = YAML.load(File.read(File.join(__dir__, 'default_module_facts.yml'))) if facts facts.each do |name, value| add_custom_fact name.to_sym, value end end end + +if Dir.exist?(File.expand_path('../../lib', __FILE__)) + require 'coveralls' + require 'simplecov' + require 'simplecov-console' + SimpleCov.formatters = [ + SimpleCov::Formatter::HTMLFormatter, + SimpleCov::Formatter::Console + ] + SimpleCov.start do + track_files 'lib/**/*.rb' + add_filter '/spec' + add_filter '/vendor' + add_filter '/.vendor' + add_filter Bundler.configured_bundle_path.path + end +end + +RSpec.configure do |c| + # getting the correct facter version is tricky. We use facterdb as a source to mock facts + # see https://github.com/camptocamp/facterdb + # people might provide a specific facter version. In that case we use it. + # Otherwise we need to match the correct facter version to the used puppet version. + # as of 2019-10-31, puppet 5 ships facter 3.11 and puppet 6 ships facter 3.14 + # https://puppet.com/docs/puppet/5.5/about_agent.html + # + # The environment variable `PUPPET_VERSION` is available in our travis environment, but we cannot rely on it + # if somebody runs the tests locally. For that case we should fallback the the puppet gem version. + c.default_facter_version = if ENV['FACTERDB_FACTS_VERSION'] + ENV['FACTERDB_FACTS_VERSION'] + else + puppet_version = ENV['PUPPET_VERSION'] ? ENV['PUPPET_VERSION'] : Gem.loaded_specs['puppet'].version.to_s + Gem::Dependency.new('', puppet_version).match?('', '5') ? '3.11.0' : '3.14.0' + end + + # Coverage generation + c.after(:suite) do + RSpec::Puppet::Coverage.report! + end +end diff --git a/spec/spec_helper_acceptance.rb b/spec/spec_helper_acceptance.rb index 7db1a9959..5b1467c1f 100644 --- a/spec/spec_helper_acceptance.rb +++ b/spec/spec_helper_acceptance.rb @@ -1,5 +1,28 @@ -require 'voxpupuli/acceptance/spec_helper_acceptance' +require 'beaker-puppet' +require 'beaker-rspec' +require 'beaker/puppet_install_helper' +require 'beaker/module_install_helper' -configure_beaker do |host| - install_package(host, 'epel-release') if fact_on(host, 'os.name') == 'CentOS' +run_puppet_install_helper unless ENV['BEAKER_provision'] == 'no' + +RSpec.configure do |c| + # Readable test descriptions + c.formatter = :documentation + + # Configure all nodes in nodeset + c.before :suite do + install_module_on(hosts) + install_module_dependencies_on(hosts) + + hosts.each do |host| + next unless fact_on(host, 'osfamily') == 'RedHat' + # don't delete downloaded rpm for use with BEAKER_provision=no + + # BEAKER_destroy=no + on host, 'sed -i "s/keepcache=.*/keepcache=1/" /etc/yum.conf' + # refresh check if cache needs refresh on next yum command + on host, 'yum clean expire-cache' + # We always need EPEL + host.install_package('epel-release') + end + end end diff --git a/spec/unit/puppet/provider/mongodb_database/mongodb_spec.rb b/spec/unit/puppet/provider/mongodb_database/mongodb_spec.rb index 332c78263..0e313d853 100644 --- a/spec/unit/puppet/provider/mongodb_database/mongodb_spec.rb +++ b/spec/unit/puppet/provider/mongodb_database/mongodb_spec.rb @@ -36,7 +36,7 @@ tmp = Tempfile.new('test') mongodconffile = tmp.path allow(provider.class).to receive(:mongod_conf_file).and_return(mongodconffile) - allow(provider.class).to receive(:mongo_eval).with('try { rs.secondaryOk() } catch (err) { rs.slaveOk() };printjson(db.getMongo().getDBs())').and_return(raw_dbs) + allow(provider.class).to receive(:mongo_eval).with('rs.slaveOk();printjson(db.getMongo().getDBs())').and_return(raw_dbs) allow(provider.class).to receive(:db_ismaster).and_return(true) end @@ -48,17 +48,15 @@ describe 'create' do it 'makes a database' do - allow(provider).to receive(:mongo_eval) + expect(provider).to receive(:mongo_eval) provider.create - expect(provider).to have_received(:mongo_eval) end end describe 'destroy' do it 'removes a database' do - allow(provider).to receive(:mongo_eval) + expect(provider).to receive(:mongo_eval) provider.destroy - expect(provider).to have_received(:mongo_eval) end end diff --git a/spec/unit/puppet/provider/mongodb_replset/mongodb_spec.rb b/spec/unit/puppet/provider/mongodb_replset/mongodb_spec.rb index 83a10b09f..248cff0a6 100644 --- a/spec/unit/puppet/provider/mongodb_replset/mongodb_spec.rb +++ b/spec/unit/puppet/provider/mongodb_replset/mongodb_spec.rb @@ -37,21 +37,17 @@ EOT end + # rubocop:disable RSpec/MultipleExpectations it 'creates a replicaset' do - allow(provider.class).to receive(:replset_properties) - allow(provider).to receive(:get_hosts_status).and_return([valid_members, []]) - allow(provider).to receive(:master_host).and_return(false) - allow(provider).to receive(:rs_initiate).with('{"_id":"rs_test","members":[{"host":"mongo1:27017","_id":0},{"host":"mongo2:27017","_id":1},{"host":"mongo3:27017","_id":2}],"settings":{}}', 'mongo1:27017').and_return('info' => 'Config now saved locally. Should come online in about a minute.', 'ok' => 1) - allow(provider).to receive(:db_ismaster).and_return('{"ismaster" : true}') + expect(provider.class).to receive(:replset_properties) + expect(provider).to receive(:get_hosts_status).and_return([valid_members, []]) + expect(provider).to receive(:master_host).and_return(false) + expect(provider).to receive(:rs_initiate).with('{"_id":"rs_test","members":[{"host":"mongo1:27017","_id":0},{"host":"mongo2:27017","_id":1},{"host":"mongo3:27017","_id":2}],"settings":{}}', 'mongo1:27017').and_return('info' => 'Config now saved locally. Should come online in about a minute.', 'ok' => 1) + expect(provider).to receive(:db_ismaster).and_return('{"ismaster" : true}') provider.create provider.flush - - expect(provider.class).to have_received(:replset_properties) - expect(provider).to have_received(:get_hosts_status) - expect(provider).to have_received(:master_host) - expect(provider).to have_received(:rs_initiate) - expect(provider).to have_received(:db_ismaster) end + # rubocop:enable RSpec/MultipleExpectations end describe '#exists?' do @@ -149,10 +145,9 @@ it 'adds missing members to an existing replicaset' do allow(provider.class).to receive(:replset_properties) allow(provider).to receive(:rs_status).and_return('set' => 'rs_test') - allow(provider).to receive('rs_add').thrice.and_return('ok' => 1) + expect(provider).to receive('rs_add').thrice.and_return('ok' => 1) provider.members = valid_members provider.flush - expect(provider).to have_received('rs_add').thrice end it 'raises an error when the master host is not available' do diff --git a/spec/unit/puppet/provider/mongodb_shard/mongodb_spec.rb b/spec/unit/puppet/provider/mongodb_shard/mongodb_spec.rb index 3c02bb9ed..a6ad57f06 100644 --- a/spec/unit/puppet/provider/mongodb_shard/mongodb_spec.rb +++ b/spec/unit/puppet/provider/mongodb_shard/mongodb_spec.rb @@ -48,20 +48,19 @@ end describe '#create' do + # rubocop:disable RSpec/MultipleExpectations it 'makes a shard' do - allow(provider).to receive(:sh_addshard).with('rs_test/mongo1:27018').and_return( + expect(provider).to receive(:sh_addshard).with('rs_test/mongo1:27018').and_return( 'shardAdded' => 'rs_test', 'ok' => 1 ) - allow(provider).to receive(:sh_enablesharding).with('rs_test').and_return( + expect(provider).to receive(:sh_enablesharding).with('rs_test').and_return( 'ok' => 1 ) provider.create provider.flush - - expect(provider).to have_received(:sh_addshard) - expect(provider).to have_received(:sh_enablesharding) end + # rubocop:enable RSpec/MultipleExpectations end describe 'destroy' do diff --git a/spec/unit/puppet/provider/mongodb_user/mongodb_spec.rb b/spec/unit/puppet/provider/mongodb_user/mongodb_spec.rb index 06b559043..d370468e9 100644 --- a/spec/unit/puppet/provider/mongodb_user/mongodb_spec.rb +++ b/spec/unit/puppet/provider/mongodb_user/mongodb_spec.rb @@ -61,17 +61,15 @@ } EOS - allow(provider).to receive(:mongo_eval).with("db.runCommand(#{cmd_json})", 'new_database') + expect(provider).to receive(:mongo_eval).with("db.runCommand(#{cmd_json})", 'new_database') provider.create - expect(provider).to have_received(:mongo_eval) end end describe 'destroy' do it 'removes a user' do - allow(provider).to receive(:mongo_eval).with('db.dropUser("new_user")') + expect(provider).to receive(:mongo_eval).with('db.dropUser("new_user")') provider.destroy - expect(provider).to have_received(:mongo_eval) end end @@ -96,10 +94,9 @@ "digestPassword":false } EOS - allow(provider).to receive(:mongo_eval). + expect(provider).to receive(:mongo_eval). with("db.runCommand(#{cmd_json})", 'new_database') provider.password_hash = 'newpass' - expect(provider).to have_received(:mongo_eval) end end @@ -124,37 +121,34 @@ describe 'roles=' do it 'changes nothing' do resource.provider.set(name: 'new_user', ensure: :present, roles: %w[role1 role2@other_database]) - allow(provider).to receive(:mongo_eval) + expect(provider).not_to receive(:mongo_eval) provider.roles = %w[role1 role2@other_database] - expect(provider).not_to have_received(:mongo_eval) end it 'grant a role' do resource.provider.set(name: 'new_user', ensure: :present, roles: %w[role1 role2@other_database]) - allow(provider).to receive(:mongo_eval). + expect(provider).to receive(:mongo_eval). with('db.getSiblingDB("new_database").grantRolesToUser("new_user", [{"role":"role3","db":"new_database"}])') provider.roles = %w[role1 role2@other_database role3] - expect(provider).to have_received(:mongo_eval) end it 'revokes a role' do resource.provider.set(name: 'new_user', ensure: :present, roles: %w[role1 role2@other_database]) - allow(provider).to receive(:mongo_eval). + expect(provider).to receive(:mongo_eval). with('db.getSiblingDB("new_database").revokeRolesFromUser("new_user", [{"role":"role1","db":"new_database"}])') provider.roles = ['role2@other_database'] - expect(provider).to have_received(:mongo_eval) end + # rubocop:disable RSpec/MultipleExpectations it 'exchanges a role' do resource.provider.set(name: 'new_user', ensure: :present, roles: %w[role1 role2@other_database]) - allow(provider).to receive(:mongo_eval). + expect(provider).to receive(:mongo_eval). with('db.getSiblingDB("new_database").revokeRolesFromUser("new_user", [{"role":"role1","db":"new_database"}])') - allow(provider).to receive(:mongo_eval). + expect(provider).to receive(:mongo_eval). with('db.getSiblingDB("new_database").grantRolesToUser("new_user", [{"role":"role3","db":"new_database"}])') provider.roles = %w[role2@other_database role3] - - expect(provider).to have_received(:mongo_eval).twice end + # rubocop:enable RSpec/MultipleExpectations end end From 9e5c7287ddc43ab9ef2ad4f75d8bda3b2e941784 Mon Sep 17 00:00:00 2001 From: Adnan Smajlovic Date: Fri, 4 Dec 2020 17:44:30 +0000 Subject: [PATCH 3/8] Fix SSL support for MongoDB 4.x - SSL parameters should be provided based on the configuration file settings - Added `--sslAllowInvalidHostnames` support to the `mongodb` provider --- lib/facter/is_master.rb | 10 ++++++---- lib/puppet/provider/mongodb.rb | 14 ++++++++++++-- 2 files changed, 18 insertions(+), 6 deletions(-) diff --git a/lib/facter/is_master.rb b/lib/facter/is_master.rb index 2ac6e36d6..9eb8e44ff 100644 --- a/lib/facter/is_master.rb +++ b/lib/facter/is_master.rb @@ -9,12 +9,13 @@ def mongod_conf_file def get_options_from_hash_config(config) result = [] - result << "--port #{config['net.port']}" unless config['net.port'].nil? # use --ssl and --host if: # - sslMode is "requireSSL" # - Parameter --sslPEMKeyFile is set # - Parameter --sslCAFile is set - result << "--ssl --host #{Facter.value(:fqdn)}" if config['net.ssl.mode'] == 'requireSSL' || !config['net.ssl.PEMKeyFile'].nil? || !config['net.ssl.CAFile'].nil? + result << "--port #{config['net.port']}" unless config['net.port'].nil? + result << "--ssl --host #{Facter.value(:fqdn)}" if ['allowSSL', 'preferSSL', 'requireSSL'].include? config['net.ssl.mode'] + result << "--sslAllowInvalidHostnames" if config['net.ssl.allowInvalidHostnames'] == true result << "--sslPEMKeyFile #{config['net.ssl.PEMKeyFile']}" unless config['net.ssl.PEMKeyFile'].nil? result << "--sslCAFile #{config['net.ssl.CAFile']}" unless config['net.ssl.CAFile'].nil? result << '--ipv6' unless config['net.ipv6'].nil? @@ -31,12 +32,13 @@ def get_options_from_keyvalue_config(file) result = [] - result << "--port #{config['port']}" unless config['port'].nil? # use --ssl and --host if: # - sslMode is "requireSSL" # - Parameter --sslPEMKeyFile is set # - Parameter --sslCAFile is set - result << "--ssl --host #{Facter.value(:fqdn)}" if config['ssl'] == 'requireSSL' || !config['sslcert'].nil? || !config['sslca'].nil? + result << "--port #{config['port']}" unless config['port'].nil? + result << "--ssl --host #{Facter.value(:fqdn)}" if ['allowSSL', 'preferSSL', 'requireSSL'].include? config['ssl'] + result << "--sslAllowInvalidHostnames" if config['net.ssl.allowInvalidHostnames'] == true result << "--sslPEMKeyFile #{config['sslcert']}" unless config['sslcert'].nil? result << "--sslCAFile #{config['sslca']}" unless config['sslca'].nil? result << '--ipv6' unless config['ipv6'].nil? diff --git a/lib/puppet/provider/mongodb.rb b/lib/puppet/provider/mongodb.rb index 56919be77..6d6d85faa 100644 --- a/lib/puppet/provider/mongodb.rb +++ b/lib/puppet/provider/mongodb.rb @@ -62,7 +62,6 @@ def self.mongo_cmd(db, host, cmd) args = [db, '--quiet', '--host', host] args.push('--ipv6') if ipv6_is_enabled(config) - args.push('--sslAllowInvalidHostnames') if ssl_invalid_hostnames(config) if ssl_is_enabled(config) args.push('--ssl') @@ -70,6 +69,8 @@ def self.mongo_cmd(db, host, cmd) ssl_ca = config['sslca'] args += ['--sslCAFile', ssl_ca] unless ssl_ca.nil? + + args.push('--sslAllowInvalidHostnames') if ssl_invalid_hostnames(config) end args += ['--eval', cmd] @@ -108,10 +109,19 @@ def self.conn_string end def self.db_ismaster + config = mongo_conf cmd_ismaster = 'db.isMaster().ismaster' cmd_ismaster = mongorc_file + cmd_ismaster if mongorc_file db = 'admin' - res = mongo_cmd(db, conn_string, cmd_ismaster).to_s.chomp + + # Mongo command result includes a warning when the hostname does not match the certificate CN + # - Updating the command to only consider the last line of the output :( + if ssl_invalid_hostnames(config) + res = mongo_cmd(db, conn_string, cmd_ismaster).to_s.split.last.chomp + else + res = mongo_cmd(db, conn_string, cmd_ismaster).to_s.chomp + end + res.eql?('true') end From 2a15938a46e8edefab65329c273fee5831ee65e3 Mon Sep 17 00:00:00 2001 From: Adnan Smajlovic Date: Fri, 4 Dec 2020 18:13:58 +0000 Subject: [PATCH 4/8] Add support for Mongo 4.x secondary check --- .../provider/mongodb_database/mongodb.rb | 9 +++++++-- .../provider/mongodb_database/mongodb_spec.rb | 9 ++++++++- templates/mongorc.js.erb | 20 +++++++++---------- 3 files changed, 24 insertions(+), 14 deletions(-) diff --git a/lib/puppet/provider/mongodb_database/mongodb.rb b/lib/puppet/provider/mongodb_database/mongodb.rb index b306b9395..f11942568 100644 --- a/lib/puppet/provider/mongodb_database/mongodb.rb +++ b/lib/puppet/provider/mongodb_database/mongodb.rb @@ -7,8 +7,13 @@ def self.instances require 'json' - pre_cmd = 'try { rs.secondaryOk() } catch (err) { rs.slaveOk() }' - dbs = JSON.parse mongo_eval(pre_cmd + ';printjson(db.getMongo().getDBs())') + if self.mongo_version =~ /^[23]\./ + secondary_check_cmd = 'rs.slaveOk()' + else + secondary_check_cmd = 'rs.secondaryOk()' + end + + dbs = JSON.parse mongo_eval("#{secondary_check_cmd};printjson(db.getMongo().getDBs())") dbs['databases'].map do |db| new(name: db['name'], diff --git a/spec/unit/puppet/provider/mongodb_database/mongodb_spec.rb b/spec/unit/puppet/provider/mongodb_database/mongodb_spec.rb index 0e313d853..6784a9199 100644 --- a/spec/unit/puppet/provider/mongodb_database/mongodb_spec.rb +++ b/spec/unit/puppet/provider/mongodb_database/mongodb_spec.rb @@ -35,8 +35,15 @@ before do tmp = Tempfile.new('test') mongodconffile = tmp.path + + if self.mongo_version =~ /^[23]\./ + secondary_check_cmd = 'rs.slaveOk()' + else + secondary_check_cmd = 'rs.secondaryOk()' + end + allow(provider.class).to receive(:mongod_conf_file).and_return(mongodconffile) - allow(provider.class).to receive(:mongo_eval).with('rs.slaveOk();printjson(db.getMongo().getDBs())').and_return(raw_dbs) + allow(provider.class).to receive(:mongo_eval).with("#{secondary_check_cmd};printjson(db.getMongo().getDBs())").and_return(raw_dbs) allow(provider.class).to receive(:db_ismaster).and_return(true) end diff --git a/templates/mongorc.js.erb b/templates/mongorc.js.erb index 9e060306f..448dcde7c 100644 --- a/templates/mongorc.js.erb +++ b/templates/mongorc.js.erb @@ -16,7 +16,6 @@ function rsReconfigSettings(settings){ return rs.reconfig(cfg) } -<% if @auth and @store_creds -%> function authRequired() { try { return db.serverCmdLineOpts().code == 13; @@ -26,19 +25,19 @@ function authRequired() { } if (authRequired()) { - <%- if @replset -%> - // rs.slaveOk has been deprecated, use secondaryOk if available try { - rs.secondaryOk() - } - catch (err) { +<% + if @replset + if @mongodb_version =~ /^[23]\./ -%> rs.slaveOk() - } - <%- end -%> - try { + else + rs.secondaryOk() +<% + end + end -%> var prev_db = db db = db.getSiblingDB('admin') - db.auth('<%= @admin_username %>', '<%= @admin_password_unsensitive %>') + db.auth('<%= @admin_username %>', '<%= @admin_password %>') db = db.getSiblingDB(prev_db) } catch (err) { @@ -46,4 +45,3 @@ if (authRequired()) { abort('Unknown error') } } -<% end -%> From 7c7ac714893c355088f75b6d9d1926e70be544d0 Mon Sep 17 00:00:00 2001 From: Adnan Smajlovic Date: Fri, 4 Dec 2020 18:18:30 +0000 Subject: [PATCH 5/8] Fixed mongorc.js type for secondary check --- templates/mongorc.js.erb | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/templates/mongorc.js.erb b/templates/mongorc.js.erb index 448dcde7c..122e9a77e 100644 --- a/templates/mongorc.js.erb +++ b/templates/mongorc.js.erb @@ -30,7 +30,8 @@ if (authRequired()) { if @replset if @mongodb_version =~ /^[23]\./ -%> rs.slaveOk() - else +<% + else -%> rs.secondaryOk() <% end From 8053d1507be58ed98076ce251b57abadb55882c8 Mon Sep 17 00:00:00 2001 From: Adnan Smajlovic Date: Wed, 9 Dec 2020 10:13:38 +0000 Subject: [PATCH 6/8] Incorporate upstream incompatiblity try/catch components --- .../provider/mongodb_database/mongodb.rb | 9 ++------- spec/acceptance/replset_spec.rb | 8 ++++++-- .../provider/mongodb_database/mongodb_spec.rb | 8 +------- templates/mongorc.js.erb | 18 +++++++++--------- 4 files changed, 18 insertions(+), 25 deletions(-) diff --git a/lib/puppet/provider/mongodb_database/mongodb.rb b/lib/puppet/provider/mongodb_database/mongodb.rb index f11942568..b306b9395 100644 --- a/lib/puppet/provider/mongodb_database/mongodb.rb +++ b/lib/puppet/provider/mongodb_database/mongodb.rb @@ -7,13 +7,8 @@ def self.instances require 'json' - if self.mongo_version =~ /^[23]\./ - secondary_check_cmd = 'rs.slaveOk()' - else - secondary_check_cmd = 'rs.secondaryOk()' - end - - dbs = JSON.parse mongo_eval("#{secondary_check_cmd};printjson(db.getMongo().getDBs())") + pre_cmd = 'try { rs.secondaryOk() } catch (err) { rs.slaveOk() }' + dbs = JSON.parse mongo_eval(pre_cmd + ';printjson(db.getMongo().getDBs())') dbs['databases'].map do |db| new(name: db['name'], diff --git a/spec/acceptance/replset_spec.rb b/spec/acceptance/replset_spec.rb index f47b218f4..eda8fee97 100644 --- a/spec/acceptance/replset_spec.rb +++ b/spec/acceptance/replset_spec.rb @@ -38,6 +38,8 @@ class { 'mongodb::client': } apply_manifest_on(hosts.reverse, pp, catch_failures: true) apply_manifest_on(hosts.reverse, pp, catch_changes: true) end + + # rubocop:disable RSpec/MultipleExpectations it 'sets up the replset with puppet' do pp = <<-EOS mongodb_replset { 'test': @@ -65,7 +67,7 @@ class { 'mongodb::client': } it 'checks the data on the slave' do sleep(10) - on hosts_as('slave'), %{mongo --verbose --eval 'try { rs.secondaryOk() } catch (err) { rs.slaveOk() }; printjson(db.test.findOne({name:"test1"}))'} do |r| + on hosts_as('slave'), %{mongo --verbose --eval 'try { rs.secondaryOk() } catch(err) { rs.slaveOk() }; printjson(db.test.findOne({name:"test1"}))'} do |r| expect(r.stdout).to match %r{some value} end end @@ -132,6 +134,8 @@ class { 'mongodb::server': apply_manifest_on(hosts.reverse, pp, catch_failures: true) apply_manifest_on(hosts.reverse, pp, catch_changes: true) end + + # rubocop:disable RSpec/MultipleExpectations it 'sets up the replset with puppet' do pp = <<-EOS class { 'mongodb::globals': @@ -194,7 +198,7 @@ class { 'mongodb::server': it 'checks the data on the slave' do sleep(10) - on hosts_as('slave'), %{mongo test --verbose --eval 'load("/root/.mongorc.js");try { rs.secondaryOk() } catch (err) { rs.slaveOk() };printjson(db.dummyData.findOne())'} do |r| + on hosts_as('slave'), %{mongo test --verbose --eval 'load("/root/.mongorc.js");try { rs.secondaryOk() } catch(err) { rs.slaveOk() };printjson(db.dummyData.findOne())'} do |r| expect(r.stdout).to match %r{created_by_puppet} end end diff --git a/spec/unit/puppet/provider/mongodb_database/mongodb_spec.rb b/spec/unit/puppet/provider/mongodb_database/mongodb_spec.rb index 6784a9199..a846dd663 100644 --- a/spec/unit/puppet/provider/mongodb_database/mongodb_spec.rb +++ b/spec/unit/puppet/provider/mongodb_database/mongodb_spec.rb @@ -36,14 +36,8 @@ tmp = Tempfile.new('test') mongodconffile = tmp.path - if self.mongo_version =~ /^[23]\./ - secondary_check_cmd = 'rs.slaveOk()' - else - secondary_check_cmd = 'rs.secondaryOk()' - end - allow(provider.class).to receive(:mongod_conf_file).and_return(mongodconffile) - allow(provider.class).to receive(:mongo_eval).with("#{secondary_check_cmd};printjson(db.getMongo().getDBs())").and_return(raw_dbs) + allow(provider.class).to receive(:mongo_eval).with('try { rs.secondaryOk() } catch(err) { rs.slaveOk() };printjson(db.getMongo().getDBs())').and_return(raw_dbs) allow(provider.class).to receive(:db_ismaster).and_return(true) end diff --git a/templates/mongorc.js.erb b/templates/mongorc.js.erb index 122e9a77e..60dbb14c9 100644 --- a/templates/mongorc.js.erb +++ b/templates/mongorc.js.erb @@ -26,16 +26,16 @@ function authRequired() { if (authRequired()) { try { -<% - if @replset - if @mongodb_version =~ /^[23]\./ -%> - rs.slaveOk() -<% - else -%> +<% if @replset -%> + // rs.slaveOk has been deprecated, use secondaryOk if available + try { rs.secondaryOk() -<% - end - end -%> + } + catch(err) { + rs.slaveOk() + } +<% end -%> + try { var prev_db = db db = db.getSiblingDB('admin') db.auth('<%= @admin_username %>', '<%= @admin_password %>') From 58f4b3c3062661ea49cbe62dce0f4c814a9f19ca Mon Sep 17 00:00:00 2001 From: Adnan Smajlovic Date: Wed, 9 Dec 2020 10:27:52 +0000 Subject: [PATCH 7/8] Fix mongorcjs typo --- templates/mongorc.js.erb | 1 - 1 file changed, 1 deletion(-) diff --git a/templates/mongorc.js.erb b/templates/mongorc.js.erb index 60dbb14c9..f8cb9805e 100644 --- a/templates/mongorc.js.erb +++ b/templates/mongorc.js.erb @@ -25,7 +25,6 @@ function authRequired() { } if (authRequired()) { - try { <% if @replset -%> // rs.slaveOk has been deprecated, use secondaryOk if available try { From 210796f8f192eed3b56b66c547c56b9290dc55d1 Mon Sep 17 00:00:00 2001 From: Adnan Smajlovic Date: Mon, 24 Jan 2022 15:18:08 +0000 Subject: [PATCH 8/8] Enable MongoDB 5.0 support - Include an upstream vendor module update (more like a 'hack') to enable password hashing for both MongoDB 4.0 and 5.0 --- lib/puppet/provider/mongodb.rb | 9 +++++++++ lib/puppet/provider/mongodb_user/mongodb.rb | 2 +- 2 files changed, 10 insertions(+), 1 deletion(-) diff --git a/lib/puppet/provider/mongodb.rb b/lib/puppet/provider/mongodb.rb index 6d6d85faa..b186b4624 100644 --- a/lib/puppet/provider/mongodb.rb +++ b/lib/puppet/provider/mongodb.rb @@ -193,4 +193,13 @@ def self.mongo_4? def mongo_4? self.class.mongo_4? end + + def self.mongo_5? + v = mongo_version + !v[%r{^5\.}].nil? + end + + def mongo_5? + self.class.mongo_5? + end end diff --git a/lib/puppet/provider/mongodb_user/mongodb.rb b/lib/puppet/provider/mongodb_user/mongodb.rb index b86beb694..7bc9a0666 100644 --- a/lib/puppet/provider/mongodb_user/mongodb.rb +++ b/lib/puppet/provider/mongodb_user/mongodb.rb @@ -53,7 +53,7 @@ def create digestPassword: false } - if mongo_4? + if mongo_4? || mongo_5? # SCRAM-SHA-256 requires digestPassword to be true. command[:mechanisms] = ['SCRAM-SHA-1'] end