opuppet/module-puppetdb
5
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

Merge branch 'validator_ssl'

Browse source 
* validator_ssl:
  Fix use_ssl behaviour for the validator and new puppetdb_disable_ssl parameter
This commit is contained in:
Ken Barber 2014-10-08 12:58:27 +01:00
commit 531df208dd
3 changed files with 76 additions and 6 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
README.md
View file

@ -440,6 +440,11 @@ The dns name or ip of the puppetdb server (defaults to the certname of the curre
The port that the puppetdb server is running on (defaults to 8081).
####`puppetdb_disable_ssl`
If true, use plain HTTP to talk to PuppetDB. Defaults to the value of disable_ssl if PuppetDB is on the same server as the Puppet Master, or else false.
If you set this, you probably need to set puppetdb_port to match the HTTP port of the PuppetDB.
####`puppetdb_soft_write_failure`
Boolean to fail in a soft-manner if PuppetDB is not accessable for command submission (defaults to false).

13
manifests/master/config.pp
View file

@ -1,13 +1,17 @@
# Manage puppet configuration. See README.md for more details.
class puppetdb::master::config (
$puppetdb_server = $::fqdn,
$puppetdb_port = defined('$puppetdb::disable_ssl') ? {
true => $puppetdb::disable_ssl ? {
$puppetdb_port = defined(Class['puppetdb']) ? {
true => $::puppetdb::disable_ssl ? {
true => 8080,
default => 8081,
},
default => 8081,
},
$puppetdb_disable_ssl = defined(Class['puppetdb']) ? {
true => $::puppetdb::disable_ssl,
default => false,
},
$puppetdb_soft_write_failure = false,
$manage_routes = true,
$manage_storeconfigs = true,
@ -30,6 +34,7 @@ class puppetdb::master::config (
}
if ($strict_validation) {
# Validate the puppetdb connection. If we can't connect to puppetdb then we
# *must* not perform the other configuration steps, or else
puppetdb_conn_validator { 'puppetdb_conn':
@ -41,8 +46,8 @@ class puppetdb::master::config (
true => $puppetdb_port,
default => undef,
},
use_ssl => $puppetdb_port ? {
8080 => false,
use_ssl => $puppetdb_disable_ssl ? {
true => false,
default => true,
},
timeout => $puppetdb_startup_timeout,

64
spec/unit/classes/master/config_spec.rb
View file

@ -4,16 +4,76 @@ describe 'puppetdb::master::config', :type => :class do
let(:facts) do
{
:fqdn => 'puppetdb.example.com',
:osfamily => 'Debian',
:operatingsystem => 'Debian',
:operatingsystemrelease => '6.0',
:kernel => 'Linux',
:concat_basedir => '/var/lib/puppet/concat',
:id => 'root',
:path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin',
}
end
context 'when using default values' do
it { should compile.with_all_deps }
context 'when PuppetDB on remote server' do
context 'when using default values' do
it { should compile.with_all_deps }
end
end
context 'when PuppetDB and Puppet Master are on the same server' do
context 'when using default values' do
let(:pre_condition) { 'class { "puppetdb": }' }
it { should contain_puppetdb_conn_validator('puppetdb_conn').with(
:puppetdb_server => 'puppetdb.example.com',
:puppetdb_port => '8081',
:use_ssl => 'true') }
end
context 'when puppetdb class is declared with disable_ssl => true' do
let(:pre_condition) { 'class { "puppetdb": disable_ssl => true }' }
it { should contain_puppetdb_conn_validator('puppetdb_conn').with(
:puppetdb_port => '8080',
:use_ssl => 'false')
}
end
context 'when puppetdb_port => 1234' do
let(:pre_condition) { 'class { "puppetdb": }' }
let(:params) do { :puppetdb_port => '1234' } end
it { should contain_puppetdb_conn_validator('puppetdb_conn').with(
:puppetdb_port => '1234',
:use_ssl => 'true')
}
end
context 'when puppetdb_port => 1234 AND the puppetdb class is declared with disable_ssl => true' do
let(:pre_condition) { 'class { "puppetdb": disable_ssl => true }' }
let(:params) do {
:puppetdb_port => '1234'
} end
it { should contain_puppetdb_conn_validator('puppetdb_conn').with(
:puppetdb_port => '1234',
:use_ssl => 'false')
}
end
end
end