keith/puppet
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Added modules

Browse source
This commit is contained in:
Ciaby 2014-07-11 13:30:23 -05:00
parent c53c931217
commit 59ec520742
646 changed files with 35182 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

26
modules/postgresql/spec/acceptance/server/config_entry_spec.rb Normal file
View file

@ -0,0 +1,26 @@
require 'spec_helper_acceptance'
describe 'postgresql::server::config_entry:', :unless => UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do
after :all do
# Cleanup after tests have ran
apply_manifest("class { 'postgresql::server': ensure => absent }", :catch_failures => true)
end
it 'should change setting and reflect it in show all' do
pp = <<-EOS.unindent
class { 'postgresql::server': }
postgresql::server::config_entry { 'check_function_bodies':
value => 'off',
}
EOS
apply_manifest(pp, :catch_failures => true)
apply_manifest(pp, :catch_changes => true)
psql('--command="show all" postgres') do |r|
expect(r.stdout).to match(/check_function_bodies.+off/)
expect(r.stderr).to eq('')
end
end
end

48
modules/postgresql/spec/acceptance/server/database_grant_spec.rb Normal file
View file

@ -0,0 +1,48 @@
require 'spec_helper_acceptance'
describe 'postgresql::server::database_grant:', :unless => UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do
after :all do
# Cleanup after tests have ran
apply_manifest("class { 'postgresql::server': ensure => absent }", :catch_failures => true)
end
it 'should grant access so a user can create objects in a database' do
begin
pp = <<-EOS.unindent
$db = 'postgres'
$user = 'psql_grant_tester'
$password = 'psql_grant_pw'
class { 'postgresql::server': }
# Since we are not testing pg_hba or any of that, make a local user for ident auth
user { $user:
ensure => present,
}
postgresql::server::role { $user:
password_hash => postgresql_password($user, $password),
}
postgresql::server::database { $db: }
postgresql::server::database_grant { 'grant create test':
privilege => 'CREATE',
db => $db,
role => $user,
}
EOS
apply_manifest(pp, :catch_failures => true)
apply_manifest(pp, :catch_changes => true)
# Check that the user can create a table in the database
psql('--command="create table foo (foo int)" postgres', 'psql_grant_tester') do |r|
expect(r.stdout).to match(/CREATE TABLE/)
expect(r.stderr).to eq('')
end
ensure
psql('--command="drop table foo" postgres', 'psql_grant_tester')
end
end
end

29
modules/postgresql/spec/acceptance/server/database_spec.rb Normal file
View file

@ -0,0 +1,29 @@
require 'spec_helper_acceptance'
describe 'postgresql::server::database:', :unless => UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do
after :all do
# Cleanup after tests have ran
apply_manifest("class { 'postgresql::server': ensure => absent }", :catch_failures => true)
end
it 'should idempotently create a db that we can connect to' do
begin
pp = <<-EOS.unindent
$db = 'postgresql_test_db'
class { 'postgresql::server': }
postgresql::server::database { $db: }
EOS
apply_manifest(pp, :catch_failures => true)
apply_manifest(pp, :catch_changes => true)
psql('--command="select datname from pg_database" postgresql_test_db') do |r|
expect(r.stdout).to match(/postgresql_test_db/)
expect(r.stderr).to eq('')
end
ensure
psql('--command="drop database postgresql_test_db" postgres')
end
end
end

138
modules/postgresql/spec/acceptance/server/db_spec.rb Normal file
View file

@ -0,0 +1,138 @@
require 'spec_helper_acceptance'
describe 'postgresql::server::db', :unless => UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do
after :all do
# Cleanup after tests have ran
apply_manifest("class { 'postgresql::server': ensure => absent }", :catch_failures => true)
end
it 'should idempotently create a db that we can connect to' do
begin
pp = <<-EOS.unindent
$db = 'postgresql_test_db'
class { 'postgresql::server': }
postgresql::server::db { $db:
user => $db,
password => postgresql_password($db, $db),
}
EOS
apply_manifest(pp, :catch_failures => true)
apply_manifest(pp, :catch_changes => true)
psql('--command="select datname from pg_database" postgresql_test_db') do |r|
expect(r.stdout).to match(/postgresql_test_db/)
expect(r.stderr).to eq('')
end
ensure
psql('--command="drop database postgresql_test_db" postgres')
end
end
it 'should take a locale parameter' do
pending('no support for locale parameter with centos 5', :if => (fact('osfamily') == 'RedHat' and fact('lsbmajdistrelease') == '5'))
begin
pp = <<-EOS.unindent
class { 'postgresql::server': }
postgresql::server::db { 'test1':
user => 'test1',
password => postgresql_password('test1', 'test1'),
encoding => 'UTF8',
locale => 'en_NG.UTF-8',
}
EOS
apply_manifest(pp, :catch_failures => true)
apply_manifest(pp, :catch_changes => true)
psql('-c "show lc_ctype" test1') do |r|
expect(r.stdout).to match(/en_NG/)
end
psql('-c "show lc_collate" test1') do |r|
expect(r.stdout).to match(/en_NG/)
end
ensure
psql('--command="drop database test1" postgres')
end
end
it 'should take an istemplate parameter' do
begin
pp = <<-EOS.unindent
$db = 'template2'
class { 'postgresql::server': }
postgresql::server::db { $db:
user => $db,
password => postgresql_password($db, $db),
istemplate => true,
}
EOS
apply_manifest(pp, :catch_failures => true)
apply_manifest(pp, :catch_changes => true)
psql('--command="select datname from pg_database" template2') do |r|
expect(r.stdout).to match(/template2/)
expect(r.stderr).to eq('')
end
ensure
psql('--command="drop database template2" postgres', 'postgres', [1,2]) do |r|
expect(r.stdout).to eq('')
expect(r.stderr).to match(/cannot drop a template database/)
end
end
end
it 'should update istemplate parameter' do
begin
pp = <<-EOS.unindent
$db = 'template2'
class { 'postgresql::server': }
postgresql::server::db { $db:
user => $db,
password => postgresql_password($db, $db),
istemplate => false,
}
EOS
apply_manifest(pp, :catch_failures => true)
apply_manifest(pp, :catch_changes => true)
psql('--command="select datname from pg_database" template2') do |r|
expect(r.stdout).to match(/template2/)
expect(r.stderr).to eq('')
end
ensure
psql('--command="drop database template2" postgres')
end
end
it 'should take a template parameter' do
begin
pp = <<-EOS.unindent
$db = 'postgresql_test_db'
class { 'postgresql::server': }
postgresql::server::db { $db:
user => $db,
template => 'template1',
password => postgresql_password($db, $db),
}
EOS
apply_manifest(pp, :catch_failures => true)
apply_manifest(pp, :catch_changes => true)
psql('--command="select datname from pg_database" postgresql_test_db') do |r|
expect(r.stdout).to match(/postgresql_test_db/)
expect(r.stderr).to eq('')
end
ensure
psql('--command="drop database postgresql_test_db" postgres')
end
end
end

49
modules/postgresql/spec/acceptance/server/grant_spec.rb Normal file
View file

@ -0,0 +1,49 @@
require 'spec_helper_acceptance'
describe 'postgresql::server::grant:', :unless => UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do
after :all do
# Cleanup after tests have ran
apply_manifest("class { 'postgresql::server': ensure => absent }", :catch_failures => true)
end
it 'should grant access so a user can create in a database' do
begin
pp = <<-EOS.unindent
$db = 'postgres'
$user = 'psql_grant_tester'
$password = 'psql_grant_pw'
class { 'postgresql::server': }
# Since we are not testing pg_hba or any of that, make a local user for ident auth
user { $user:
ensure => present,
}
postgresql::server::role { $user:
password_hash => postgresql_password($user, $password),
}
postgresql::server::database { $db: }
postgresql::server::grant { 'grant create test':
object_type => 'database',
privilege => 'CREATE',
db => $db,
role => $user,
}
EOS
apply_manifest(pp, :catch_failures => true)
apply_manifest(pp, :catch_changes => true)
# Check that the user can create a table in the database
psql('--command="create table foo (foo int)" postgres', 'psql_grant_tester') do |r|
expect(r.stdout).to match(/CREATE TABLE/)
expect(r.stderr).to eq('')
end
ensure
psql('--command="drop table foo" postgres', 'psql_grant_tester')
end
end
end

72
modules/postgresql/spec/acceptance/server/pg_hba_rule_spec.rb Normal file
View file

@ -0,0 +1,72 @@
require 'spec_helper_acceptance'
describe 'postgresql::server::pg_hba_rule:', :unless => UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do
after :all do
# Cleanup after tests have ran
apply_manifest("class { 'postgresql::server': ensure => absent }", :catch_failures => true)
end
it 'should create a ruleset in pg_hba.conf' do
pp = <<-EOS.unindent
class { 'postgresql::server': }
postgresql::server::pg_hba_rule { "allow application network to access app database":
type => "host",
database => "app",
user => "app",
address => "200.1.2.0/24",
auth_method => md5,
}
EOS
apply_manifest(pp, :catch_failures => true)
apply_manifest(pp, :catch_failures => true)
shell("grep '200.1.2.0/24' /etc/postgresql/*/*/pg_hba.conf || grep '200.1.2.0/24' /var/lib/pgsql/data/pg_hba.conf")
end
it 'should create a ruleset in pg_hba.conf that denies db access to db test1' do
pp = <<-EOS.unindent
class { 'postgresql::server': }
postgresql::server::db { "test1":
user => "test1",
password => postgresql_password('test1', 'test1'),
grant => "all",
}
postgresql::server::pg_hba_rule { "allow anyone to have access to db test1":
type => "local",
database => "test1",
user => "test1",
auth_method => reject,
order => '001',
}
user { "test1":
shell => "/bin/bash",
managehome => true,
}
EOS
apply_manifest(pp, :catch_failures => true)
shell('su - test1 -c \'psql -U test1 -c "\q" test1\'', :acceptable_exit_codes => [2])
end
it 'should fail catalogue if postgresql::server::manage_pga_conf is disabled' do
pp = <<-EOS.unindent
class { 'postgresql::server':
manage_pg_hba_conf => false,
}
postgresql::server::pg_hba_rule { 'foo':
type => "local",
database => "test1",
user => "test1",
auth_method => reject,
order => '001',
}
EOS
apply_manifest(pp, :expect_failures => true)
end
end

25
modules/postgresql/spec/acceptance/server/plperl_spec.rb Normal file
View file

@ -0,0 +1,25 @@
require 'spec_helper_acceptance'
describe 'server plperl:', :unless => UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do
after :all do
# Cleanup after tests have ran
pp = <<-EOS.unindent
class { 'postgresql::server': ensure => absent }
class { 'postgresql::server::plperl': package_ensure => purged }
EOS
apply_manifest(pp, :catch_failures => true)
end
it 'test loading class with no parameters' do
pending('no support for plperl with default version on centos 5',
:if => (fact('osfamily') == 'RedHat' and fact('lsbmajdistrelease') == '5'))
pp = <<-EOS.unindent
class { 'postgresql::server': }
class { 'postgresql::server::plperl': }
EOS
apply_manifest(pp, :catch_failures => true)
apply_manifest(pp, :catch_changes => true)
end
end

88
modules/postgresql/spec/acceptance/server/role_spec.rb Normal file
View file

@ -0,0 +1,88 @@
require 'spec_helper_acceptance'
describe 'postgresql::server::role:', :unless => UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do
after :all do
# Cleanup after tests have ran
apply_manifest("class { 'postgresql::server': ensure => absent }", :catch_failures => true)
end
it 'should idempotently create a user who can log in' do
pp = <<-EOS.unindent
$user = "postgresql_test_user"
$password = "postgresql_test_password"
class { 'postgresql::server': }
# Since we are not testing pg_hba or any of that, make a local user for ident auth
user { $user:
ensure => present,
}
postgresql::server::role { $user:
password_hash => postgresql_password($user, $password),
}
EOS
apply_manifest(pp, :catch_failures => true)
# Check that the user can log in
psql('--command="select datname from pg_database" postgres', 'postgresql_test_user') do |r|
expect(r.stdout).to match(/template1/)
expect(r.stderr).to eq('')
end
end
it 'should idempotently alter a user who can log in' do
pp = <<-EOS.unindent
$user = "postgresql_test_user"
$password = "postgresql_test_password2"
class { 'postgresql::server': }
# Since we are not testing pg_hba or any of that, make a local user for ident auth
user { $user:
ensure => present,
}
postgresql::server::role { $user:
password_hash => postgresql_password($user, $password),
}
EOS
apply_manifest(pp, :catch_failures => true)
apply_manifest(pp, :catch_changes => true)
# Check that the user can log in
psql('--command="select datname from pg_database" postgres', 'postgresql_test_user') do |r|
expect(r.stdout).to match(/template1/)
expect(r.stderr).to eq('')
end
end
it 'should idempotently create a user with a cleartext password' do
pp = <<-EOS.unindent
$user = "postgresql_test_user2"
$password = "postgresql_test_password2"
class { 'postgresql::server': }
# Since we are not testing pg_hba or any of that, make a local user for ident auth
user { $user:
ensure => present,
}
postgresql::server::role { $user:
password_hash => $password,
}
EOS
apply_manifest(pp, :catch_failures => true)
apply_manifest(pp, :catch_changes => true)
# Check that the user can log in
psql('--command="select datname from pg_database" postgres', 'postgresql_test_user2') do |r|
expect(r.stdout).to match(/template1/)
expect(r.stderr).to eq('')
end
end
end

124
modules/postgresql/spec/acceptance/server/table_grant_spec.rb Normal file
View file

@ -0,0 +1,124 @@
require 'spec_helper_acceptance'
describe 'postgresql::server::table_grant:', :unless => UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do
after :all do
# Cleanup after tests have ran
apply_manifest("class { 'postgresql::server': ensure => absent }", :catch_failures => true)
end
it 'should grant all accesses to a user' do
begin
pp = <<-EOS.unindent
$db = 'table_grant'
$user = 'psql_grant_tester'
$password = 'psql_table_pw'
class { 'postgresql::server': }
# Since we are not testing pg_hba or any of that, make a local user for ident auth
user { $user:
ensure => present,
}
postgresql::server::role { $user:
password_hash => postgresql_password($user, $password),
}
postgresql::server::database { $db: }
# Create a rule for the user
postgresql::server::pg_hba_rule { "allow ${user}":
type => 'local',
database => $db,
user => $user,
auth_method => 'ident',
order => 1,
}
postgresql_psql { 'Create testing table':
command => 'CREATE TABLE "test_table" (field integer NOT NULL)',
db => $db,
unless => "SELECT * FROM pg_tables WHERE tablename = 'test_table'",
require => Postgresql::Server::Database[$db],
}
postgresql::server::table_grant { 'grant insert test':
privilege => 'ALL',
table => 'test_table',
db => $db,
role => $user,
require => Postgresql_psql['Create testing table'],
}
EOS
apply_manifest(pp, :catch_failures => true)
apply_manifest(pp, :catch_changes => true)
## Check that the user can create a table in the database
psql('--command="create table foo (foo int)" postgres', 'psql_grant_tester') do |r|
expect(r.stdout).to match(/CREATE TABLE/)
expect(r.stderr).to eq('')
end
ensure
psql('--command="drop table foo" postgres', 'psql_grant_tester')
end
end
it 'should grant access so a user can insert in a table' do
begin
pp = <<-EOS.unindent
$db = 'table_grant'
$user = 'psql_grant_tester'
$password = 'psql_table_pw'
class { 'postgresql::server': }
# Since we are not testing pg_hba or any of that, make a local user for ident auth
user { $user:
ensure => present,
}
postgresql::server::role { $user:
password_hash => postgresql_password($user, $password),
}
postgresql::server::database { $db: }
# Create a rule for the user
postgresql::server::pg_hba_rule { "allow ${user}":
type => 'local',
database => $db,
user => $user,
auth_method => 'ident',
order => 1,
}
postgresql_psql { 'Create testing table':
command => 'CREATE TABLE "test_table" (field integer NOT NULL)',
db => $db,
unless => "SELECT * FROM pg_tables WHERE tablename = 'test_table'",
require => Postgresql::Server::Database[$db],
}
postgresql::server::table_grant { 'grant insert test':
privilege => 'INSERT',
table => 'test_table',
db => $db,
role => $user,
require => Postgresql_psql['Create testing table'],
}
EOS
apply_manifest(pp, :catch_failures => true)
apply_manifest(pp, :catch_changes => true)
## Check that the user can create a table in the database
psql('--command="create table foo (foo int)" postgres', 'psql_grant_tester') do |r|
expect(r.stdout).to match(/CREATE TABLE/)
expect(r.stderr).to eq('')
end
ensure
psql('--command="drop table foo" postgres', 'psql_grant_tester')
end
end
end

67
modules/postgresql/spec/acceptance/server/tablespace_spec.rb Normal file
View file

@ -0,0 +1,67 @@
require 'spec_helper_acceptance'
describe 'postgresql::server::tablespace:', :unless => UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do
after :all do
# Cleanup after tests have ran
apply_manifest("class { 'postgresql::server': ensure => absent }", :catch_failures => true)
end
it 'should idempotently create tablespaces and databases that are using them' do
pp = <<-EOS.unindent
class { 'postgresql::server': }
file { '/tmp/postgres/pg_tablespaces':
ensure => 'directory',
owner => 'postgres',
group => 'postgres',
mode => '0700',
}
postgresql::server::tablespace { 'tablespace1':
location => '/tmp/postgres/pg_tablespaces/space1',
}
postgresql::server::database { 'tablespacedb1':
encoding => 'utf8',
tablespace => 'tablespace1',
}
postgresql::server::db { 'tablespacedb2':
user => 'dbuser2',
password => postgresql_password('dbuser2', 'dbuser2'),
tablespace => 'tablespace1',
}
postgresql::server::role { 'spcuser':
password_hash => postgresql_password('spcuser', 'spcuser'),
}
postgresql::server::tablespace { 'tablespace2':
location => '/tmp/postgres/pg_tablespaces/space2',
owner => 'spcuser',
}
postgresql::server::database { 'tablespacedb3':
encoding => 'utf8',
tablespace => 'tablespace2',
}
EOS
shell('mkdir -p /tmp/postgres')
# Apply appropriate selinux labels
if fact('osfamily') == 'RedHat'
if shell('getenforce').stdout =~ /Enforcing/
shell('chcon -Rv --type=postgresql_db_t /tmp/postgres')
end
end
apply_manifest(pp, :catch_failures => true)
apply_manifest(pp, :catch_changes => true)
# Check that databases use correct tablespaces
psql('--command="select ts.spcname from pg_database db, pg_tablespace ts where db.dattablespace = ts.oid and db.datname = \'"\'tablespacedb1\'"\'"') do |r|
expect(r.stdout).to match(/tablespace1/)
expect(r.stderr).to eq('')
end
psql('--command="select ts.spcname from pg_database db, pg_tablespace ts where db.dattablespace = ts.oid and db.datname = \'"\'tablespacedb3\'"\'"') do |r|
expect(r.stdout).to match(/tablespace2/)
expect(r.stderr).to eq('')
end
end
end