freighthop 0.3.3 → 0.4.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +7 -0
- data/Puppetfile +1 -1
- data/Puppetfile.lock +4 -5
- data/README.md +18 -7
- data/Vagrantfile +4 -0
- data/lib/freighthop/cli/help.rb +1 -0
- data/lib/freighthop/cli/init.rb +10 -10
- data/lib/freighthop/cli/version.rb +17 -0
- data/lib/freighthop/cli.rb +3 -1
- data/lib/freighthop/version.rb +1 -1
- data/lib/freighthop.rb +4 -0
- data/modules/apt/CHANGELOG +2 -36
- data/modules/apt/Gemfile +5 -6
- data/modules/apt/Gemfile.lock +7 -40
- data/modules/apt/Modulefile +1 -1
- data/modules/apt/README.md +1 -2
- data/modules/apt/Rakefile +0 -1
- data/modules/apt/manifests/init.pp +2 -5
- data/modules/apt/manifests/params.pp +1 -4
- data/modules/apt/manifests/pin.pp +1 -1
- data/modules/apt/manifests/ppa.pp +10 -24
- data/modules/apt/manifests/update.pp +0 -1
- data/modules/apt/metadata.json +19 -32
- data/modules/apt/spec/defines/ppa_spec.rb +2 -53
- data/modules/apt/spec/defines/source_spec.rb +2 -2
- data/modules/apt/templates/source.list.erb +2 -2
- data/modules/apt/tests/key.pp +3 -3
- data/modules/concat/CHANGELOG +73 -0
- data/modules/concat/Gemfile +20 -0
- data/modules/concat/Gemfile.lock +104 -0
- data/modules/concat/Modulefile +7 -6
- data/modules/concat/README.md +440 -0
- data/modules/concat/Rakefile +5 -1
- data/modules/concat/files/concatfragments.rb +137 -0
- data/modules/concat/files/concatfragments.sh +15 -4
- data/modules/concat/lib/facter/concat_basedir.rb +9 -3
- data/modules/concat/manifests/fragment.pp +108 -48
- data/modules/concat/manifests/init.pp +191 -210
- data/modules/concat/manifests/setup.pp +31 -31
- data/modules/concat/metadata.json +40 -21
- data/modules/{apt → concat}/spec/spec_helper_system.rb +11 -6
- data/modules/{firewall → concat}/spec/system/basic_spec.rb +1 -1
- data/modules/concat/spec/system/concat_spec.rb +154 -0
- data/modules/concat/spec/system/deprecation_warnings_spec.rb +247 -0
- data/modules/concat/spec/system/empty_spec.rb +27 -0
- data/modules/concat/spec/system/fragment_source_spec.rb +142 -0
- data/modules/concat/spec/system/replace_spec.rb +257 -0
- data/modules/concat/spec/system/symbolic_name_spec.rb +35 -0
- data/modules/concat/spec/system/warn_spec.rb +106 -0
- data/modules/concat/spec/unit/classes/concat_setup_spec.rb +42 -0
- data/modules/concat/spec/unit/defines/concat_fragment_spec.rb +267 -0
- data/modules/concat/spec/unit/defines/concat_spec.rb +380 -0
- data/modules/concat/spec/unit/facts/concat_basedir_spec.rb +18 -0
- data/modules/concat/tests/fragment.pp +19 -0
- data/modules/concat/tests/init.pp +7 -0
- data/modules/firewall/Changelog +38 -0
- data/modules/firewall/Gemfile +5 -2
- data/modules/firewall/Gemfile.lock +76 -26
- data/modules/firewall/Modulefile +1 -1
- data/modules/firewall/README.markdown +47 -15
- data/modules/firewall/Rakefile +0 -7
- data/modules/firewall/lib/puppet/provider/firewall/ip6tables.rb +50 -7
- data/modules/firewall/lib/puppet/provider/firewall/iptables.rb +147 -31
- data/modules/firewall/lib/puppet/provider/firewallchain/iptables_chain.rb +19 -8
- data/modules/firewall/lib/puppet/type/firewall.rb +207 -3
- data/modules/firewall/lib/puppet/type/firewallchain.rb +73 -2
- data/modules/firewall/lib/puppet/util/firewall.rb +14 -0
- data/modules/firewall/metadata.json +181 -76
- data/modules/firewall/spec/acceptance/basic_spec.rb +8 -0
- data/modules/firewall/spec/acceptance/change_source_spec.rb +77 -0
- data/modules/firewall/spec/acceptance/class_spec.rb +27 -0
- data/modules/firewall/spec/acceptance/firewall_spec.rb +1608 -0
- data/modules/firewall/spec/acceptance/firewallchain_spec.rb +125 -0
- data/modules/firewall/spec/acceptance/ip6_fragment_spec.rb +94 -0
- data/modules/firewall/spec/acceptance/isfragment_spec.rb +92 -0
- data/modules/firewall/spec/acceptance/nodesets/centos-59-x64.yml +10 -0
- data/modules/firewall/spec/acceptance/nodesets/centos-64-x64-fusion.yml +10 -0
- data/modules/firewall/spec/acceptance/nodesets/centos-64-x64-pe.yml +12 -0
- data/modules/firewall/spec/acceptance/nodesets/centos-64-x64.yml +10 -0
- data/modules/firewall/spec/acceptance/nodesets/debian-607-x64.yml +10 -0
- data/modules/firewall/spec/acceptance/nodesets/debian-70rc1-x64.yml +10 -0
- data/modules/firewall/spec/acceptance/nodesets/default.yml +10 -0
- data/modules/firewall/spec/acceptance/nodesets/fedora-18-x64.yml +10 -0
- data/modules/firewall/spec/acceptance/nodesets/sles-11sp1-x64.yml +10 -0
- data/modules/firewall/spec/acceptance/nodesets/ubuntu-server-10044-x64.yml +10 -0
- data/modules/firewall/spec/acceptance/nodesets/ubuntu-server-12042-x64.yml +10 -0
- data/modules/firewall/spec/{system → acceptance}/params_spec.rb +44 -52
- data/modules/firewall/spec/acceptance/purge_spec.rb +124 -0
- data/modules/firewall/spec/acceptance/resource_cmd_spec.rb +93 -0
- data/modules/firewall/spec/acceptance/rules_spec.rb +248 -0
- data/modules/firewall/spec/acceptance/socket_spec.rb +96 -0
- data/modules/firewall/spec/{system → acceptance}/standard_usage_spec.rb +6 -10
- data/modules/firewall/spec/fixtures/ip6tables/conversion_hash.rb +107 -0
- data/modules/firewall/spec/fixtures/iptables/conversion_hash.rb +56 -2
- data/modules/firewall/spec/spec_helper_acceptance.rb +38 -0
- data/modules/firewall/spec/unit/classes/firewall_spec.rb +2 -2
- data/modules/firewall/spec/unit/facter/iptables_persistent_version_spec.rb +8 -5
- data/modules/firewall/spec/unit/facter/iptables_spec.rb +6 -4
- data/modules/firewall/spec/unit/puppet/provider/iptables_chain_spec.rb +14 -4
- data/modules/firewall/spec/unit/puppet/provider/iptables_spec.rb +246 -5
- data/modules/firewall/spec/unit/puppet/type/firewall_spec.rb +99 -8
- data/modules/firewall/spec/unit/puppet/type/firewallchain_spec.rb +50 -6
- data/modules/firewall/spec/unit/puppet/util/firewall_spec.rb +21 -0
- data/modules/mysql/CHANGELOG +0 -30
- data/modules/mysql/Gemfile +0 -1
- data/modules/mysql/Gemfile.lock +30 -31
- data/modules/mysql/Modulefile +1 -1
- data/modules/mysql/README.md +2 -49
- data/modules/mysql/files/mysqltuner.pl +1 -1
- data/modules/mysql/lib/puppet/provider/database/mysql.rb +1 -1
- data/modules/mysql/lib/puppet/provider/database_grant/mysql.rb +1 -1
- data/modules/mysql/lib/puppet/provider/database_user/mysql.rb +1 -1
- data/modules/mysql/lib/puppet/provider/mysql.rb +1 -2
- data/modules/mysql/lib/puppet/provider/mysql_database/mysql.rb +13 -2
- data/modules/mysql/lib/puppet/provider/mysql_user/mysql.rb +12 -0
- data/modules/mysql/lib/puppet/type/database_user.rb +1 -1
- data/modules/mysql/lib/puppet/type/mysql_grant.rb +3 -5
- data/modules/mysql/manifests/client.pp +0 -7
- data/modules/mysql/manifests/server/root_password.pp +0 -2
- data/modules/mysql/manifests/server.pp +0 -6
- data/modules/mysql/metadata.json +79 -81
- data/modules/mysql/spec/classes/mysql_server_spec.rb +0 -74
- data/modules/mysql/spec/system/mysql_server_root_password_spec.rb +1 -7
- data/modules/mysql/spec/system/mysql_server_spec.rb +3 -6
- data/modules/mysql/spec/system/types/mysql_grant_spec.rb +0 -27
- data/modules/mysql/spec/unit/puppet/functions/mysql_deepmerge_spec.rb +1 -1
- data/modules/mysql/spec/unit/puppet/provider/database/mysql_spec.rb +4 -4
- data/modules/mysql/spec/unit/puppet/provider/database_grant/mysql_spec.rb +15 -15
- data/modules/mysql/spec/unit/puppet/provider/database_user/mysql_spec.rb +4 -4
- data/modules/mysql/spec/unit/puppet/provider/mysql_database/mysql_spec.rb +3 -3
- data/modules/mysql/spec/unit/puppet/provider/mysql_user/mysql_spec.rb +3 -3
- data/modules/mysql/templates/my.cnf.erb +2 -4
- data/modules/mysql/tests/mysql_grant.pp +1 -1
- data/modules/postgresql/Changelog +31 -0
- data/modules/postgresql/Gemfile +4 -2
- data/modules/postgresql/Modulefile +1 -1
- data/modules/postgresql/README.md +10 -4
- data/modules/postgresql/Rakefile +0 -1
- data/modules/postgresql/lib/puppet/provider/postgresql_psql/ruby.rb +25 -3
- data/modules/postgresql/manifests/globals.pp +2 -0
- data/modules/postgresql/manifests/params.pp +21 -0
- data/modules/postgresql/manifests/server/config.pp +0 -5
- data/modules/postgresql/manifests/server/config_entry.pp +1 -1
- data/modules/postgresql/manifests/server/database.pp +2 -1
- data/modules/postgresql/manifests/server/db.pp +2 -0
- data/modules/postgresql/manifests/server/grant.pp +20 -16
- data/modules/postgresql/manifests/server/initdb.pp +27 -3
- data/modules/postgresql/manifests/server/pg_hba_rule.pp +2 -4
- data/modules/postgresql/manifests/server/role.pp +8 -2
- data/modules/postgresql/manifests/server/service.pp +5 -0
- data/modules/postgresql/manifests/server.pp +2 -0
- data/modules/postgresql/metadata.json +88 -65
- data/modules/postgresql/spec/acceptance/client_spec.rb +18 -0
- data/modules/postgresql/spec/{system → acceptance}/common_patterns_spec.rb +8 -14
- data/modules/postgresql/spec/{system → acceptance}/contrib_spec.rb +4 -9
- data/modules/postgresql/spec/acceptance/lib/devel_spec.rb +17 -0
- data/modules/postgresql/spec/acceptance/lib/java_spec.rb +20 -0
- data/modules/postgresql/spec/acceptance/lib/python_spec.rb +19 -0
- data/modules/postgresql/spec/acceptance/nodesets/centos-510-x64.yml +10 -0
- data/modules/postgresql/spec/acceptance/nodesets/centos-59-x64.yml +10 -0
- data/modules/postgresql/spec/acceptance/nodesets/centos-64-x64-pe.yml +12 -0
- data/modules/postgresql/spec/acceptance/nodesets/centos-64-x64.yml +10 -0
- data/modules/postgresql/spec/acceptance/nodesets/debian-607-x64.yml +10 -0
- data/modules/postgresql/spec/acceptance/nodesets/debian-73-x64.yml +10 -0
- data/modules/postgresql/spec/acceptance/nodesets/default.yml +10 -0
- data/modules/postgresql/spec/acceptance/nodesets/ubuntu-server-10044-x64.yml +10 -0
- data/modules/postgresql/spec/acceptance/nodesets/ubuntu-server-12042-x64.yml +10 -0
- data/modules/postgresql/spec/{system → acceptance}/postgresql_psql_spec.rb +6 -14
- data/modules/postgresql/spec/{system → acceptance}/server/config_entry_spec.rb +6 -12
- data/modules/postgresql/spec/{system → acceptance}/server/database_grant_spec.rb +6 -12
- data/modules/postgresql/spec/{system → acceptance}/server/database_spec.rb +6 -12
- data/modules/postgresql/spec/{system → acceptance}/server/db_spec.rb +47 -42
- data/modules/postgresql/spec/{system → acceptance}/server/grant_spec.rb +6 -12
- data/modules/postgresql/spec/{system → acceptance}/server/pg_hba_rule_spec.rb +10 -23
- data/modules/postgresql/spec/{system → acceptance}/server/plperl_spec.rb +6 -10
- data/modules/postgresql/spec/{system → acceptance}/server/role_spec.rb +13 -28
- data/modules/postgresql/spec/acceptance/server/table_grant_spec.rb +124 -0
- data/modules/postgresql/spec/{system → acceptance}/server/tablespace_spec.rb +8 -22
- data/modules/postgresql/spec/{system → acceptance}/server_spec.rb +38 -61
- data/modules/postgresql/spec/{system → acceptance}/validate_db_connection_spec.rb +8 -20
- data/modules/postgresql/spec/spec_helper_acceptance.rb +70 -0
- data/modules/postgresql/spec/unit/classes/globals_spec.rb +2 -2
- data/modules/postgresql/spec/unit/classes/lib/devel_spec.rb +1 -1
- data/modules/postgresql/spec/unit/classes/params_spec.rb +1 -1
- data/modules/postgresql/spec/unit/classes/repo_spec.rb +1 -1
- data/modules/postgresql/spec/unit/classes/server/initdb_spec.rb +2 -1
- data/modules/postgresql/spec/unit/classes/server/plperl_spec.rb +2 -2
- data/modules/postgresql/spec/unit/classes/server_spec.rb +9 -2
- data/modules/postgresql/spec/unit/puppet/provider/postgresql_psql/ruby_spec.rb +15 -17
- data/modules/rbenv/bin/autospec +0 -0
- data/modules/rbenv/bin/facter +0 -0
- data/modules/rbenv/bin/filebucket +0 -0
- data/modules/rbenv/bin/hiera +0 -0
- data/modules/rbenv/bin/htmldiff +0 -0
- data/modules/rbenv/bin/ldiff +0 -0
- data/modules/rbenv/bin/pi +0 -0
- data/modules/rbenv/bin/puppet +0 -0
- data/modules/rbenv/bin/puppet-lint +0 -0
- data/modules/rbenv/bin/puppet-module +0 -0
- data/modules/rbenv/bin/puppetca +0 -0
- data/modules/rbenv/bin/puppetd +0 -0
- data/modules/rbenv/bin/puppetdoc +0 -0
- data/modules/rbenv/bin/puppetmasterd +0 -0
- data/modules/rbenv/bin/puppetqd +0 -0
- data/modules/rbenv/bin/puppetrun +0 -0
- data/modules/rbenv/bin/rake +0 -0
- data/modules/rbenv/bin/ralsh +0 -0
- data/modules/rbenv/bin/rspec +0 -0
- data/modules/rbenv/bin/rspec-puppet-init +0 -0
- data/modules/stdlib/spec/monkey_patches/alias_should_to_must.rb +0 -0
- data/modules/stdlib/spec/monkey_patches/publicize_methods.rb +0 -0
- data/modules/stdlib/spec/unit/puppet/parser/functions/abs_spec.rb +0 -0
- data/modules/stdlib/spec/unit/puppet/parser/functions/bool2num_spec.rb +0 -0
- data/modules/stdlib/spec/unit/puppet/parser/functions/capitalize_spec.rb +0 -0
- data/modules/stdlib/spec/unit/puppet/parser/functions/chomp_spec.rb +0 -0
- data/modules/stdlib/spec/unit/puppet/parser/functions/chop_spec.rb +0 -0
- data/modules/stdlib/spec/unit/puppet/parser/functions/delete_at_spec.rb +0 -0
- data/modules/stdlib/spec/unit/puppet/parser/functions/delete_spec.rb +0 -0
- data/modules/stdlib/spec/unit/puppet/parser/functions/dirname_spec.rb +0 -0
- data/modules/stdlib/spec/unit/puppet/parser/functions/downcase_spec.rb +0 -0
- data/modules/stdlib/spec/unit/puppet/parser/functions/empty_spec.rb +0 -0
- data/modules/stdlib/spec/unit/puppet/parser/functions/flatten_spec.rb +0 -0
- data/modules/stdlib/spec/unit/puppet/parser/functions/grep_spec.rb +0 -0
- data/modules/stdlib/spec/unit/puppet/parser/functions/has_interface_with_spec.rb +0 -0
- data/modules/stdlib/spec/unit/puppet/parser/functions/has_ip_address_spec.rb +0 -0
- data/modules/stdlib/spec/unit/puppet/parser/functions/has_ip_network_spec.rb +0 -0
- data/modules/stdlib/spec/unit/puppet/parser/functions/max_spec.rb +0 -0
- data/modules/stdlib/spec/unit/puppet/parser/functions/min_spec.rb +0 -0
- data/modules/stdlib/spec/unit/puppet/parser/functions/reject_spec.rb +0 -0
- data/modules/stdlib/spec/unit/puppet/parser/functions/to_bytes_spec.rb +0 -0
- data/modules/stdlib/spec/unit/puppet/parser/functions/validate_slength_spec.rb +0 -0
- metadata +92 -77
- data/modules/apt/manifests/unattended_upgrades.pp +0 -68
- data/modules/apt/spec/classes/unattended_upgrades_spec.rb +0 -204
- data/modules/apt/spec/system/apt_builddep_spec.rb +0 -38
- data/modules/apt/spec/system/apt_key_spec.rb +0 -53
- data/modules/apt/spec/system/apt_ppa_spec.rb +0 -59
- data/modules/apt/spec/system/apt_source_spec.rb +0 -51
- data/modules/apt/spec/system/basic_spec.rb +0 -10
- data/modules/apt/spec/system/class_spec.rb +0 -20
- data/modules/apt/templates/10periodic.erb +0 -12
- data/modules/apt/templates/50unattended-upgrades.erb +0 -53
- data/modules/apt/tests/unattended-upgrades.pp +0 -1
- data/modules/concat/README.markdown +0 -150
- data/modules/concat/spec/defines/init_spec.rb +0 -115
- data/modules/concat/spec/fixtures/manifests/site.pp +0 -0
- data/modules/firewall/spec/spec_helper_system.rb +0 -49
- data/modules/firewall/spec/system/class_spec.rb +0 -39
- data/modules/firewall/spec/system/purge_spec.rb +0 -29
- data/modules/firewall/spec/system/resource_cmd_spec.rb +0 -53
- data/modules/mysql/manifests/server/providers.pp +0 -8
- data/modules/mysql/tests/bindings.pp +0 -3
- data/modules/postgresql/Gemfile.lock +0 -74
- data/modules/postgresql/spec/spec_helper_system.rb +0 -66
- data/modules/postgresql/spec/system/client_spec.rb +0 -22
- data/modules/postgresql/spec/system/lib/devel_spec.rb +0 -22
- data/modules/postgresql/spec/system/lib/java_spec.rb +0 -25
- data/modules/postgresql/spec/system/lib/python_spec.rb +0 -24
- data/modules/postgresql/spec/system/server/table_grant_spec.rb +0 -72
@@ -8,18 +8,18 @@ describe firewall do
|
|
8
8
|
before :each do
|
9
9
|
@class = firewall
|
10
10
|
@provider = double 'provider'
|
11
|
-
@provider.
|
12
|
-
Puppet::Type::Firewall.
|
11
|
+
allow(@provider).to receive(:name).and_return(:iptables)
|
12
|
+
allow(Puppet::Type::Firewall).to receive(:defaultprovider).and_return @provider
|
13
13
|
|
14
14
|
@resource = @class.new({:name => '000 test foo'})
|
15
15
|
|
16
16
|
# Stub iptables version
|
17
|
-
Facter.fact(:iptables_version).
|
18
|
-
Facter.fact(:ip6tables_version).
|
17
|
+
allow(Facter.fact(:iptables_version)).to receive(:value).and_return('1.4.2')
|
18
|
+
allow(Facter.fact(:ip6tables_version)).to receive(:value).and_return('1.4.2')
|
19
19
|
|
20
20
|
# Stub confine facts
|
21
|
-
Facter.fact(:kernel).
|
22
|
-
Facter.fact(:operatingsystem).
|
21
|
+
allow(Facter.fact(:kernel)).to receive(:value).and_return('Linux')
|
22
|
+
allow(Facter.fact(:operatingsystem)).to receive(:value).and_return('Debian')
|
23
23
|
end
|
24
24
|
|
25
25
|
it 'should have :name be its namevar' do
|
@@ -130,6 +130,10 @@ describe firewall do
|
|
130
130
|
@resource[addr].should == nil
|
131
131
|
end
|
132
132
|
end
|
133
|
+
it "should accept a negated #{addr} as a string" do
|
134
|
+
@resource[addr] = '! 127.0.0.1'
|
135
|
+
@resource[addr].should == '! 127.0.0.1/32'
|
136
|
+
end
|
133
137
|
end
|
134
138
|
end
|
135
139
|
|
@@ -316,6 +320,23 @@ describe firewall do
|
|
316
320
|
end
|
317
321
|
end
|
318
322
|
|
323
|
+
describe ':ctstate' do
|
324
|
+
it 'should accept value as a string' do
|
325
|
+
@resource[:ctstate] = :INVALID
|
326
|
+
@resource[:ctstate].should == [:INVALID]
|
327
|
+
end
|
328
|
+
|
329
|
+
it 'should accept value as an array' do
|
330
|
+
@resource[:ctstate] = [:INVALID, :NEW]
|
331
|
+
@resource[:ctstate].should == [:INVALID, :NEW]
|
332
|
+
end
|
333
|
+
|
334
|
+
it 'should sort values alphabetically' do
|
335
|
+
@resource[:ctstate] = [:NEW, :ESTABLISHED]
|
336
|
+
@resource[:ctstate].should == [:ESTABLISHED, :NEW]
|
337
|
+
end
|
338
|
+
end
|
339
|
+
|
319
340
|
describe ':burst' do
|
320
341
|
it 'should accept numeric values' do
|
321
342
|
@resource[:burst] = 12
|
@@ -327,6 +348,15 @@ describe firewall do
|
|
327
348
|
end
|
328
349
|
end
|
329
350
|
|
351
|
+
describe ':recent' do
|
352
|
+
['set', 'update', 'rcheck', 'remove'].each do |recent|
|
353
|
+
it "should accept recent value #{recent}" do
|
354
|
+
@resource[:recent] = recent
|
355
|
+
@resource[:recent].should == "--#{recent}"
|
356
|
+
end
|
357
|
+
end
|
358
|
+
end
|
359
|
+
|
330
360
|
describe ':action and :jump' do
|
331
361
|
it 'should allow only 1 to be set at a time' do
|
332
362
|
expect {
|
@@ -362,8 +392,8 @@ describe firewall do
|
|
362
392
|
describe "with iptables #{iptables_version}" do
|
363
393
|
before {
|
364
394
|
Facter.clear
|
365
|
-
Facter.fact(:iptables_version).
|
366
|
-
Facter.fact(:ip6tables_version).
|
395
|
+
allow(Facter.fact(:iptables_version)).to receive(:value).and_return iptables_version
|
396
|
+
allow(Facter.fact(:ip6tables_version)).to receive(:value).and_return iptables_version
|
367
397
|
}
|
368
398
|
|
369
399
|
if iptables_version == '1.3.2'
|
@@ -486,6 +516,67 @@ describe firewall do
|
|
486
516
|
rel.source.ref.should == chain.ref
|
487
517
|
rel.target.ref.should == @resource.ref
|
488
518
|
end
|
519
|
+
|
520
|
+
# test where autorequire is still needed (table != filter)
|
521
|
+
['INPUT', 'OUTPUT', 'FORWARD'].each do |test_chain|
|
522
|
+
it "should autorequire fwchain #{test_chain} when table is mangle and provider is undefined" do
|
523
|
+
@resource[param] = test_chain
|
524
|
+
@resource[:table] = :mangle
|
525
|
+
@resource[:provider].should == :iptables
|
526
|
+
|
527
|
+
chain = Puppet::Type.type(:firewallchain).new(:name => "#{test_chain}:mangle:IPv4")
|
528
|
+
catalog = Puppet::Resource::Catalog.new
|
529
|
+
catalog.add_resource @resource
|
530
|
+
catalog.add_resource chain
|
531
|
+
rel = @resource.autorequire[0]
|
532
|
+
rel.source.ref.should == chain.ref
|
533
|
+
rel.target.ref.should == @resource.ref
|
534
|
+
end
|
535
|
+
|
536
|
+
it "should autorequire fwchain #{test_chain} when table is mangle and provider is ip6tables" do
|
537
|
+
@resource[param] = test_chain
|
538
|
+
@resource[:table] = :mangle
|
539
|
+
@resource[:provider] = :ip6tables
|
540
|
+
|
541
|
+
chain = Puppet::Type.type(:firewallchain).new(:name => "#{test_chain}:mangle:IPv6")
|
542
|
+
catalog = Puppet::Resource::Catalog.new
|
543
|
+
catalog.add_resource @resource
|
544
|
+
catalog.add_resource chain
|
545
|
+
rel = @resource.autorequire[0]
|
546
|
+
rel.source.ref.should == chain.ref
|
547
|
+
rel.target.ref.should == @resource.ref
|
548
|
+
end
|
549
|
+
end
|
550
|
+
|
551
|
+
# test of case where autorequire should not happen
|
552
|
+
['INPUT', 'OUTPUT', 'FORWARD'].each do |test_chain|
|
553
|
+
|
554
|
+
it "should not autorequire fwchain #{test_chain} when table and provider are undefined" do
|
555
|
+
@resource[param] = test_chain
|
556
|
+
@resource[:table].should == :filter
|
557
|
+
@resource[:provider].should == :iptables
|
558
|
+
|
559
|
+
chain = Puppet::Type.type(:firewallchain).new(:name => "#{test_chain}:filter:IPv4")
|
560
|
+
catalog = Puppet::Resource::Catalog.new
|
561
|
+
catalog.add_resource @resource
|
562
|
+
catalog.add_resource chain
|
563
|
+
rel = @resource.autorequire[0]
|
564
|
+
rel.should == nil
|
565
|
+
end
|
566
|
+
|
567
|
+
it "should not autorequire fwchain #{test_chain} when table is undefined and provider is ip6tables" do
|
568
|
+
@resource[param] = test_chain
|
569
|
+
@resource[:table].should == :filter
|
570
|
+
@resource[:provider] = :ip6tables
|
571
|
+
|
572
|
+
chain = Puppet::Type.type(:firewallchain).new(:name => "#{test_chain}:filter:IPv6")
|
573
|
+
catalog = Puppet::Resource::Catalog.new
|
574
|
+
catalog.add_resource @resource
|
575
|
+
catalog.add_resource chain
|
576
|
+
rel = @resource.autorequire[0]
|
577
|
+
rel.should == nil
|
578
|
+
end
|
579
|
+
end
|
489
580
|
end
|
490
581
|
end
|
491
582
|
|
@@ -5,19 +5,19 @@ require 'spec_helper'
|
|
5
5
|
firewallchain = Puppet::Type.type(:firewallchain)
|
6
6
|
|
7
7
|
describe firewallchain do
|
8
|
-
before do
|
8
|
+
before(:each) do
|
9
9
|
# Stub confine facts
|
10
|
-
Facter.fact(:kernel).
|
11
|
-
Facter.fact(:operatingsystem).
|
10
|
+
allow(Facter.fact(:kernel)).to receive(:value).and_return('Linux')
|
11
|
+
allow(Facter.fact(:operatingsystem)).to receive(:value).and_return('Debian')
|
12
12
|
end
|
13
13
|
let(:klass) { firewallchain }
|
14
14
|
let(:provider) {
|
15
15
|
prov = double 'provider'
|
16
|
-
prov.
|
16
|
+
allow(prov).to receive(:name).and_return(:iptables_chain)
|
17
17
|
prov
|
18
18
|
}
|
19
19
|
let(:resource) {
|
20
|
-
Puppet::Type::Firewallchain.
|
20
|
+
allow(Puppet::Type::Firewallchain).to receive(:defaultprovider).and_return provider
|
21
21
|
klass.new({:name => 'INPUT:filter:IPv4', :policy => :accept })
|
22
22
|
}
|
23
23
|
|
@@ -26,7 +26,7 @@ describe firewallchain do
|
|
26
26
|
end
|
27
27
|
|
28
28
|
describe ':name' do
|
29
|
-
{'nat' => ['PREROUTING', 'POSTROUTING', 'OUTPUT'],
|
29
|
+
{'nat' => ['PREROUTING', 'POSTROUTING', 'INPUT', 'OUTPUT'],
|
30
30
|
'mangle' => [ 'PREROUTING', 'POSTROUTING', 'INPUT', 'FORWARD', 'OUTPUT' ],
|
31
31
|
'filter' => ['INPUT','OUTPUT','FORWARD'],
|
32
32
|
'raw' => [ 'PREROUTING', 'OUTPUT'],
|
@@ -138,4 +138,48 @@ describe firewallchain do
|
|
138
138
|
end
|
139
139
|
end
|
140
140
|
end
|
141
|
+
|
142
|
+
describe 'purge iptables rules' do
|
143
|
+
before(:each) do
|
144
|
+
allow(Puppet::Type.type(:firewall).provider(:iptables)).to receive(:iptables_save).and_return(<<EOS
|
145
|
+
# Completed on Sun Jan 5 19:30:21 2014
|
146
|
+
# Generated by iptables-save v1.4.12 on Sun Jan 5 19:30:21 2014
|
147
|
+
*filter
|
148
|
+
:INPUT DROP [0:0]
|
149
|
+
:FORWARD DROP [0:0]
|
150
|
+
:OUTPUT ACCEPT [0:0]
|
151
|
+
:LOCAL_FORWARD - [0:0]
|
152
|
+
:LOCAL_FORWARD_PRE - [0:0]
|
153
|
+
:LOCAL_INPUT - [0:0]
|
154
|
+
:LOCAL_INPUT_PRE - [0:0]
|
155
|
+
:fail2ban-ssh - [0:0]
|
156
|
+
-A INPUT -p tcp -m multiport --dports 22 -j fail2ban-ssh
|
157
|
+
-A INPUT -i lo -m comment --comment "012 accept loopback" -j ACCEPT
|
158
|
+
-A INPUT -p tcp -m multiport --dports 22 -m comment --comment "020 ssh" -j ACCEPT
|
159
|
+
-A OUTPUT -d 1.2.1.2 -j DROP
|
160
|
+
-A fail2ban-ssh -j RETURN
|
161
|
+
COMMIT
|
162
|
+
# Completed on Sun Jan 5 19:30:21 2014
|
163
|
+
EOS
|
164
|
+
)
|
165
|
+
end
|
166
|
+
|
167
|
+
it 'should generate iptables resources' do
|
168
|
+
resource = Puppet::Type::Firewallchain.new(:name => 'INPUT:filter:IPv4', :purge => true)
|
169
|
+
|
170
|
+
expect(resource.generate.size).to eq(3)
|
171
|
+
end
|
172
|
+
|
173
|
+
it 'should not generate ignored iptables rules' do
|
174
|
+
resource = Puppet::Type::Firewallchain.new(:name => 'INPUT:filter:IPv4', :purge => true, :ignore => ['-j fail2ban-ssh'])
|
175
|
+
|
176
|
+
expect(resource.generate.size).to eq(2)
|
177
|
+
end
|
178
|
+
|
179
|
+
it 'should not generate iptables resources when not enabled' do
|
180
|
+
resource = Puppet::Type::Firewallchain.new(:name => 'INPUT:filter:IPv4')
|
181
|
+
|
182
|
+
expect(resource.generate.size).to eq(0)
|
183
|
+
end
|
184
|
+
end
|
141
185
|
end
|
@@ -25,6 +25,27 @@ describe 'Puppet::Util::Firewall' do
|
|
25
25
|
specify { subject.host_to_ip('::/0').should == nil }
|
26
26
|
end
|
27
27
|
|
28
|
+
describe '#host_to_mask' do
|
29
|
+
subject { resource }
|
30
|
+
specify {
|
31
|
+
expect(Resolv).to receive(:getaddress).at_least(:once).with('puppetlabs.com').and_return('96.126.112.51')
|
32
|
+
subject.host_to_mask('puppetlabs.com').should == '96.126.112.51/32'
|
33
|
+
subject.host_to_mask('!puppetlabs.com').should == '! 96.126.112.51/32'
|
34
|
+
}
|
35
|
+
specify { subject.host_to_mask('96.126.112.51').should == '96.126.112.51/32' }
|
36
|
+
specify { subject.host_to_mask('!96.126.112.51').should == '! 96.126.112.51/32' }
|
37
|
+
specify { subject.host_to_mask('96.126.112.51/32').should == '96.126.112.51/32' }
|
38
|
+
specify { subject.host_to_mask('! 96.126.112.51/32').should == '! 96.126.112.51/32' }
|
39
|
+
specify { subject.host_to_mask('2001:db8:85a3:0:0:8a2e:370:7334').should == '2001:db8:85a3::8a2e:370:7334/128' }
|
40
|
+
specify { subject.host_to_mask('!2001:db8:85a3:0:0:8a2e:370:7334').should == '! 2001:db8:85a3::8a2e:370:7334/128' }
|
41
|
+
specify { subject.host_to_mask('2001:db8:1234::/48').should == '2001:db8:1234::/48' }
|
42
|
+
specify { subject.host_to_mask('! 2001:db8:1234::/48').should == '! 2001:db8:1234::/48' }
|
43
|
+
specify { subject.host_to_mask('0.0.0.0/0').should == nil }
|
44
|
+
specify { subject.host_to_mask('!0.0.0.0/0').should == nil }
|
45
|
+
specify { subject.host_to_mask('::/0').should == nil }
|
46
|
+
specify { subject.host_to_mask('! ::/0').should == nil }
|
47
|
+
end
|
48
|
+
|
28
49
|
describe '#icmp_name_to_number' do
|
29
50
|
describe 'proto unsupported' do
|
30
51
|
subject { resource }
|
data/modules/mysql/CHANGELOG
CHANGED
@@ -1,33 +1,3 @@
|
|
1
|
-
2013-11-13 - Version 2.1.0
|
2
|
-
|
3
|
-
Summary:
|
4
|
-
|
5
|
-
The most important changes in 2.1.0 are improvements to the my.cnf creation,
|
6
|
-
as well as providers. Setting options to = true strips them to be just the
|
7
|
-
key name itself, which is required for some options.
|
8
|
-
|
9
|
-
The provider updates fix a number of bugs, from lowercase privileges to
|
10
|
-
deprecation warnings.
|
11
|
-
|
12
|
-
Last, the new hiera integration functionality should make it easier to
|
13
|
-
externalize all your grantts, users, and, databases. Another great set of
|
14
|
-
community submissions helped to make this release.
|
15
|
-
|
16
|
-
Features:
|
17
|
-
- Some options can not take a argument. Gets rid of the '= true' when an
|
18
|
-
option is set to true.
|
19
|
-
- Easier hiera integration: Add hash parameters to mysql::server to allow
|
20
|
-
specifying grants, users, and databases.
|
21
|
-
|
22
|
-
Fixes:
|
23
|
-
- Fix an issue with lowercase privileges in mysql_grant{} causing them to be reapplied needlessly.
|
24
|
-
- Changed defaults-file to defaults-extra-file in providers.
|
25
|
-
- Ensure /root/.my.cnf is 0600 and root owned.
|
26
|
-
- database_user deprecation warning was incorrect.
|
27
|
-
- Add anchor pattern for client.pp
|
28
|
-
- Documentation improvements.
|
29
|
-
- Various test fixes.
|
30
|
-
|
31
1
|
2013-10-21 - Version 2.0.1
|
32
2
|
|
33
3
|
Summary:
|
data/modules/mysql/Gemfile
CHANGED
data/modules/mysql/Gemfile.lock
CHANGED
@@ -2,7 +2,7 @@ GEM
|
|
2
2
|
remote: https://rubygems.org/
|
3
3
|
specs:
|
4
4
|
CFPropertyList (2.2.4)
|
5
|
-
beaker (
|
5
|
+
beaker (0.0.0)
|
6
6
|
blimpy
|
7
7
|
fission
|
8
8
|
inifile
|
@@ -11,22 +11,20 @@ GEM
|
|
11
11
|
net-ssh
|
12
12
|
nokogiri (= 1.5.10)
|
13
13
|
rbvmomi
|
14
|
-
unf
|
15
14
|
blimpy (0.6.7)
|
16
15
|
fog
|
17
16
|
minitar
|
18
17
|
thor
|
19
18
|
builder (3.2.2)
|
20
|
-
coderay (1.
|
21
|
-
diff-lcs (1.2.
|
22
|
-
|
23
|
-
excon (0.28.0)
|
19
|
+
coderay (1.0.9)
|
20
|
+
diff-lcs (1.2.4)
|
21
|
+
excon (0.27.6)
|
24
22
|
facter (1.7.3)
|
25
23
|
fission (0.5.0)
|
26
24
|
CFPropertyList (~> 2.2)
|
27
|
-
fog (1.
|
25
|
+
fog (1.16.0)
|
28
26
|
builder
|
29
|
-
excon (~> 0.
|
27
|
+
excon (~> 0.27.0)
|
30
28
|
formatador (~> 0.2.0)
|
31
29
|
mime-types
|
32
30
|
multi_json (~> 1.0)
|
@@ -34,12 +32,15 @@ GEM
|
|
34
32
|
net-ssh (>= 2.1.3)
|
35
33
|
nokogiri (~> 1.5)
|
36
34
|
ruby-hmac
|
35
|
+
unicode (~> 0.4.4)
|
37
36
|
formatador (0.2.4)
|
37
|
+
hiera (1.2.1)
|
38
|
+
json_pure
|
38
39
|
highline (1.6.20)
|
39
40
|
inifile (2.0.2)
|
40
41
|
json (1.8.1)
|
42
|
+
json_pure (1.8.1)
|
41
43
|
kwalify (0.7.2)
|
42
|
-
lockfile (2.1.0)
|
43
44
|
metaclass (0.0.1)
|
44
45
|
method_source (0.8.2)
|
45
46
|
mime-types (1.25)
|
@@ -51,12 +52,14 @@ GEM
|
|
51
52
|
net-ssh (>= 2.6.5)
|
52
53
|
net-ssh (2.7.0)
|
53
54
|
nokogiri (1.5.10)
|
54
|
-
pry (0.9.12.
|
55
|
-
coderay (~> 1.0)
|
55
|
+
pry (0.9.12.2)
|
56
|
+
coderay (~> 1.0.5)
|
56
57
|
method_source (~> 0.8)
|
57
58
|
slop (~> 3.4)
|
58
|
-
puppet (
|
59
|
-
facter (~> 1.
|
59
|
+
puppet (3.3.1)
|
60
|
+
facter (~> 1.6)
|
61
|
+
hiera (~> 1.0)
|
62
|
+
rgen (~> 0.6.5)
|
60
63
|
puppet-lint (0.3.2)
|
61
64
|
puppetlabs_spec_helper (0.4.1)
|
62
65
|
mocha (>= 0.10.5)
|
@@ -68,23 +71,24 @@ GEM
|
|
68
71
|
builder
|
69
72
|
nokogiri (>= 1.4.1)
|
70
73
|
trollop
|
74
|
+
rgen (0.6.6)
|
71
75
|
rspec (2.14.1)
|
72
76
|
rspec-core (~> 2.14.0)
|
73
77
|
rspec-expectations (~> 2.14.0)
|
74
78
|
rspec-mocks (~> 2.14.0)
|
75
|
-
rspec-core (2.14.
|
76
|
-
rspec-expectations (2.14.
|
79
|
+
rspec-core (2.14.6)
|
80
|
+
rspec-expectations (2.14.3)
|
77
81
|
diff-lcs (>= 1.1.3, < 2.0)
|
78
82
|
rspec-mocks (2.14.4)
|
79
83
|
rspec-puppet (0.1.6)
|
80
84
|
rspec
|
81
|
-
rspec-system (2.
|
85
|
+
rspec-system (2.5.1)
|
82
86
|
kwalify (~> 0.7.2)
|
83
87
|
net-scp (~> 1.1)
|
84
|
-
net-ssh (~> 2.
|
85
|
-
nokogiri (~> 1.5.
|
88
|
+
net-ssh (~> 2.6)
|
89
|
+
nokogiri (~> 1.5.9)
|
86
90
|
rbvmomi (~> 1.6)
|
87
|
-
rspec (~> 2.
|
91
|
+
rspec (~> 2.13)
|
88
92
|
systemu (~> 2.5)
|
89
93
|
rspec-system-puppet (2.2.1)
|
90
94
|
rspec-system (~> 2.0)
|
@@ -92,32 +96,27 @@ GEM
|
|
92
96
|
rspec-system (~> 2.0)
|
93
97
|
serverspec (~> 0.0)
|
94
98
|
ruby-hmac (0.4.0)
|
95
|
-
serverspec (0.
|
99
|
+
serverspec (0.10.9)
|
96
100
|
highline
|
97
101
|
net-ssh
|
98
102
|
rspec (>= 2.13.0)
|
99
|
-
simplecov (0.
|
100
|
-
|
101
|
-
|
102
|
-
|
103
|
-
simplecov-html (~> 0.8.0)
|
104
|
-
simplecov-html (0.8.0)
|
103
|
+
simplecov (0.7.1)
|
104
|
+
multi_json (~> 1.0)
|
105
|
+
simplecov-html (~> 0.7.1)
|
106
|
+
simplecov-html (0.7.1)
|
105
107
|
slop (3.4.6)
|
106
108
|
systemu (2.5.2)
|
107
109
|
thor (0.18.1)
|
108
110
|
trollop (2.0)
|
109
|
-
|
110
|
-
unf_ext
|
111
|
-
unf_ext (0.0.6)
|
111
|
+
unicode (0.4.4)
|
112
112
|
|
113
113
|
PLATFORMS
|
114
114
|
ruby
|
115
115
|
|
116
116
|
DEPENDENCIES
|
117
117
|
beaker
|
118
|
-
mime-types (< 2.0)
|
119
118
|
pry
|
120
|
-
puppet (~>
|
119
|
+
puppet (~> 3.3.0)
|
121
120
|
puppet-lint
|
122
121
|
puppetlabs_spec_helper
|
123
122
|
rake
|
data/modules/mysql/Modulefile
CHANGED
data/modules/mysql/README.md
CHANGED
@@ -54,7 +54,6 @@ pass in an override hash as seen below:
|
|
54
54
|
|
55
55
|
```puppet
|
56
56
|
class { '::mysql::server':
|
57
|
-
root_password => 'strongpassword',
|
58
57
|
override_options => { 'mysqld' => { 'max_connections' => '1024' } }
|
59
58
|
}
|
60
59
|
```
|
@@ -70,7 +69,7 @@ client you use `mysql::client`, and to install bindings you can use
|
|
70
69
|
The hash structure for overrides in `mysql::server` is as follows:
|
71
70
|
|
72
71
|
```puppet
|
73
|
-
|
72
|
+
override_options = {
|
74
73
|
'section' => {
|
75
74
|
'item' => 'thing',
|
76
75
|
}
|
@@ -112,7 +111,6 @@ hardcoded into the my.cnf template file.
|
|
112
111
|
* `mysql::server::config`: Configures MYSQL.
|
113
112
|
* `mysql::server::service`: Manages service.
|
114
113
|
* `mysql::server::root_password`: Sets MySQL root password.
|
115
|
-
* `mysql::server::providers`: Creates users, grants, and databases.
|
116
114
|
* `mysql::bindings::java`: Installs Java bindings.
|
117
115
|
* `mysql::bindings::perl`: Installs Perl bindings.
|
118
116
|
* `mysql::bindings::python`: Installs Python bindings.
|
@@ -137,7 +135,7 @@ This is the hash of override options to pass into MySQL. It can be visualized
|
|
137
135
|
like a hash of the my.cnf file, so that entries look like:
|
138
136
|
|
139
137
|
```puppet
|
140
|
-
|
138
|
+
override_options = {
|
141
139
|
'section' => {
|
142
140
|
'item' => 'thing',
|
143
141
|
}
|
@@ -203,51 +201,6 @@ What is the name of the mysql server service.
|
|
203
201
|
|
204
202
|
Which provider to use to manage the service.
|
205
203
|
|
206
|
-
#####`users`
|
207
|
-
|
208
|
-
Optional hash of users to create, which are passed to [mysql_user](#mysql_user). Example:
|
209
|
-
```puppet
|
210
|
-
$users = {
|
211
|
-
'someuser@localhost' => {
|
212
|
-
ensure => 'present',
|
213
|
-
max_connections_per_hour => '0',
|
214
|
-
max_queries_per_hour => '0',
|
215
|
-
max_updates_per_hour => '0',
|
216
|
-
max_user_connections => '0',
|
217
|
-
password_hash => '*F3A2A51A9B0F2BE2468926B4132313728C250DBF',
|
218
|
-
},
|
219
|
-
}
|
220
|
-
```
|
221
|
-
|
222
|
-
#####`grants`
|
223
|
-
|
224
|
-
Optional hash of grants, which are passed to [mysql_grant](#mysql_grant). Example:
|
225
|
-
```puppet
|
226
|
-
$grants = {
|
227
|
-
'someuser@localhost/somedb.*' => {
|
228
|
-
ensure => 'present',
|
229
|
-
options => ['GRANT'],
|
230
|
-
privileges => ['SELECT', 'INSERT', 'UPDATE', 'DELETE'],
|
231
|
-
table => 'somedb.*',
|
232
|
-
user => 'someuser@localhost',
|
233
|
-
},
|
234
|
-
}
|
235
|
-
```
|
236
|
-
|
237
|
-
#####`databases`
|
238
|
-
|
239
|
-
Optional hash of databases to create, which are passed to [mysql_database](#mysql_database). Example:
|
240
|
-
```puppet
|
241
|
-
$databases = {
|
242
|
-
'somedb' => {
|
243
|
-
ensure => 'present',
|
244
|
-
charset => 'utf8',
|
245
|
-
},
|
246
|
-
}
|
247
|
-
```
|
248
|
-
|
249
|
-
#####`service_provider`
|
250
|
-
|
251
204
|
####mysql::server::backup
|
252
205
|
|
253
206
|
#####`backupuser`
|
@@ -294,7 +294,7 @@ sub mysql_setup {
|
|
294
294
|
}
|
295
295
|
} elsif ( -r "/etc/mysql/debian.cnf" and $doremote == 0 ){
|
296
296
|
# We have a debian maintenance account, use it
|
297
|
-
$mysqllogin = "--defaults-
|
297
|
+
$mysqllogin = "--defaults-file=/etc/mysql/debian.cnf";
|
298
298
|
my $loginstatus = `mysqladmin $mysqllogin ping 2>&1`;
|
299
299
|
if ($loginstatus =~ /mysqld is alive/) {
|
300
300
|
goodprint "Logged in using credentials from debian maintenance account.\n";
|
@@ -8,7 +8,7 @@ Puppet::Type.type(:database).provide(:mysql) do
|
|
8
8
|
|
9
9
|
def self.defaults_file
|
10
10
|
if File.file?("#{Facter.value(:root_home)}/.my.cnf")
|
11
|
-
"--defaults-
|
11
|
+
"--defaults-file=#{Facter.value(:root_home)}/.my.cnf"
|
12
12
|
else
|
13
13
|
nil
|
14
14
|
end
|
@@ -198,7 +198,7 @@ Puppet::Type.type(:database_grant).provide(:mysql) do
|
|
198
198
|
# Optional defaults file
|
199
199
|
def self.defaults_file
|
200
200
|
if File.file?("#{Facter.value(:root_home)}/.my.cnf")
|
201
|
-
"--defaults-
|
201
|
+
"--defaults-file=#{Facter.value(:root_home)}/.my.cnf"
|
202
202
|
else
|
203
203
|
nil
|
204
204
|
end
|
@@ -64,7 +64,7 @@ Puppet::Type.type(:database_user).provide(:mysql) do
|
|
64
64
|
# Optional defaults file
|
65
65
|
def self.defaults_file
|
66
66
|
if File.file?("#{Facter.value(:root_home)}/.my.cnf")
|
67
|
-
"--defaults-
|
67
|
+
"--defaults-file=#{Facter.value(:root_home)}/.my.cnf"
|
68
68
|
else
|
69
69
|
nil
|
70
70
|
end
|
@@ -8,12 +8,11 @@ class Puppet::Provider::Mysql < Puppet::Provider
|
|
8
8
|
# Optional defaults file
|
9
9
|
def self.defaults_file
|
10
10
|
if File.file?("#{Facter.value(:root_home)}/.my.cnf")
|
11
|
-
"--defaults-
|
11
|
+
"--defaults-file=#{Facter.value(:root_home)}/.my.cnf"
|
12
12
|
else
|
13
13
|
nil
|
14
14
|
end
|
15
15
|
end
|
16
|
-
|
17
16
|
def defaults_file
|
18
17
|
self.class.defaults_file
|
19
18
|
end
|
@@ -1,9 +1,20 @@
|
|
1
|
-
|
2
|
-
Puppet::Type.type(:mysql_database).provide(:mysql, :parent => Puppet::Provider::Mysql) do
|
1
|
+
Puppet::Type.type(:mysql_database).provide(:mysql) do
|
3
2
|
desc 'Manages MySQL databases.'
|
4
3
|
|
5
4
|
commands :mysql => 'mysql'
|
6
5
|
|
6
|
+
def self.defaults_file
|
7
|
+
if File.file?("#{Facter.value(:root_home)}/.my.cnf")
|
8
|
+
"--defaults-file=#{Facter.value(:root_home)}/.my.cnf"
|
9
|
+
else
|
10
|
+
nil
|
11
|
+
end
|
12
|
+
end
|
13
|
+
|
14
|
+
def defaults_file
|
15
|
+
self.class.defaults_file
|
16
|
+
end
|
17
|
+
|
7
18
|
def self.instances
|
8
19
|
mysql([defaults_file, '-NBe', 'show databases'].compact).split("\n").collect do |name|
|
9
20
|
attributes = {}
|
@@ -4,6 +4,18 @@ Puppet::Type.type(:mysql_user).provide(:mysql, :parent => Puppet::Provider::Mysq
|
|
4
4
|
desc 'manage users for a mysql database.'
|
5
5
|
commands :mysql => 'mysql'
|
6
6
|
|
7
|
+
# Optional defaults file
|
8
|
+
def self.defaults_file
|
9
|
+
if File.file?("#{Facter.value(:root_home)}/.my.cnf")
|
10
|
+
"--defaults-file=#{Facter.value(:root_home)}/.my.cnf"
|
11
|
+
else
|
12
|
+
nil
|
13
|
+
end
|
14
|
+
end
|
15
|
+
def defaults_file
|
16
|
+
self.class.defaults_file
|
17
|
+
end
|
18
|
+
|
7
19
|
# Build a property_hash containing all the discovered information about MySQL
|
8
20
|
# users.
|
9
21
|
def self.instances
|
@@ -7,7 +7,7 @@ Puppet::Type.newtype(:database_user) do
|
|
7
7
|
newparam(:name, :namevar=>true) do
|
8
8
|
desc "The name of the user. This uses the 'username@hostname' or username@hostname."
|
9
9
|
validate do |value|
|
10
|
-
Puppet.warning("database has been deprecated in favor of
|
10
|
+
Puppet.warning("database has been deprecated in favor of mysql_database.")
|
11
11
|
# https://dev.mysql.com/doc/refman/5.1/en/account-names.html
|
12
12
|
# Regex should problably be more like this: /^[`'"]?[^`'"]*[`'"]?@[`'"]?[\w%\.]+[`'"]?$/
|
13
13
|
raise(ArgumentError, "Invalid database user #{value}") unless value =~ /[\w-]*@[\w%\.:]+/
|
@@ -3,7 +3,9 @@ Puppet::Type.newtype(:mysql_grant) do
|
|
3
3
|
@doc = "Manage a MySQL user's rights."
|
4
4
|
ensurable
|
5
5
|
|
6
|
-
autorequire(:file)
|
6
|
+
autorequire(:file) do
|
7
|
+
'/root/.my.cnf'
|
8
|
+
end
|
7
9
|
|
8
10
|
def initialize(*args)
|
9
11
|
super
|
@@ -36,10 +38,6 @@ Puppet::Type.newtype(:mysql_grant) do
|
|
36
38
|
|
37
39
|
newproperty(:privileges, :array_matching => :all) do
|
38
40
|
desc 'Privileges for user'
|
39
|
-
|
40
|
-
munge do |value|
|
41
|
-
value.upcase
|
42
|
-
end
|
43
41
|
end
|
44
42
|
|
45
43
|
newproperty(:table) do
|