from-scratch 0.1.1 → 0.2.0

data/cookbooks/postgresql/providers/user.rb

@@ -0,0 +1,82 @@
+#
+# Cookbook Name:: postgresql
+# Provider:: user
+#
+
+# Support whyrun
+def whyrun_supported?
+  true
+end
+
+action :create do
+  unless @current_resource.exists
+    converge_by "Create PostgreSQL User #{new_resource.name}" do
+      execute "create postgresql user #{new_resource.name}" do # ~FC009
+        user "postgres"
+        command %(psql -c "CREATE ROLE #{role_sql}")
+        sensitive true
+      end
+
+      new_resource.updated_by_last_action(true)
+    end
+  end
+end
+
+action :update do
+  if @current_resource.exists
+    converge_by "Update PostgreSQL User #{new_resource.name}" do
+      execute "update postgresql user #{new_resource.name}" do
+        user "postgres"
+        command %(psql -c "ALTER ROLE #{role_sql}")
+        sensitive true
+      end
+
+      new_resource.updated_by_last_action(true)
+    end
+  end
+end
+
+action :drop do
+  if @current_resource.exists
+    converge_by "Drop PostgreSQL User #{new_resource.name}" do
+      execute "drop postgresql user #{new_resource.name}" do
+        user "postgres"
+        command %(psql -c 'DROP ROLE IF EXISTS \\\"#{new_resource.name}\\\"')
+        sensitive true
+      end
+
+      new_resource.updated_by_last_action(true)
+    end
+  end
+end
+
+def load_current_resource
+  @current_resource = Chef::Resource::PostgresqlUser.new(new_resource.name)
+  @current_resource.name(new_resource.name)
+
+  @current_resource.exists = user_exists?
+end
+
+def user_exists?
+  exists = %(psql -c "SELECT rolname FROM pg_roles WHERE rolname='#{new_resource.name}'" | grep '#{new_resource.name}') # rubocop:disable LineLength
+
+  cmd = Mixlib::ShellOut.new(exists, user: "postgres")
+  cmd.run_command
+  cmd.exitstatus.zero?
+end
+
+def role_sql  # rubocop:disable AbcSize, MethodLength
+  sql = %(\\\"#{new_resource.name}\\\" )
+
+  %w[superuser createdb createrole inherit replication login].each do |perm|
+    sql << "#{"NO" unless new_resource.send(perm)}#{perm.upcase} "
+  end
+
+  sql << if new_resource.encrypted_password
+           "ENCRYPTED PASSWORD '#{new_resource.encrypted_password}'"
+         elsif new_resource.password
+           "PASSWORD '#{new_resource.password}'"
+         else
+           ""
+         end
+end

data/cookbooks/postgresql/recipes/setup_databases.rb

@@ -0,0 +1,36 @@
+#
+# Cookbook Name:: postgresql
+# Recipe:: setup_databases
+#
+
+databases = node["postgresql"]["databases"]
+
+# setup databases
+databases.each do |db|
+  db_action = (db["action"] || "create").to_sym
+  db_extensions = Array(db["extensions"])
+  db_languages  = Array(db["languages"])
+
+  postgresql_database db["name"] do
+    owner db["owner"]
+    encoding db["encoding"]
+    template db["template"]
+    locale db["locale"]
+    action db_action
+  end
+
+  # check for extensions/languages to install from `databases` attribute key
+  next unless db_action == :create
+
+  db_extensions.each do |extension|
+    postgresql_extension extension do
+      database db["name"]
+    end
+  end
+
+  db_languages.each do |language|
+    postgresql_language language do
+      database db["name"]
+    end
+  end
+end

data/cookbooks/postgresql/recipes/setup_users.rb

@@ -0,0 +1,17 @@
+#
+# Cookbook Name:: postgresql
+# Recipe:: setup_users
+#
+
+# setup users
+
+node["postgresql"]["users"].each do |user|
+  postgresql_user user["username"] do
+    superuser user["superuser"]
+    createdb  user["createdb"]
+    login     user["login"]
+    password  user["password"]
+    encrypted_password user["encrypted_password"]
+    action Array(user["action"] || "create").map(&:to_sym)
+  end
+end

data/cookbooks/postgresql/resources/database.rb

@@ -0,0 +1,20 @@
+#
+# Cookbook Name:: postgresql
+# Resource:: database
+#
+
+actions :create, :drop
+
+default_action :create
+
+attribute :name,     kind_of: String, name_attribute: true
+attribute :user,     kind_of: String, default: "postgres"
+attribute :username, kind_of: String
+attribute :host,     kind_of: String
+attribute :port,     kind_of: Integer
+attribute :encoding, kind_of: String, default: "UTF-8"
+attribute :locale,   kind_of: String, default: "en_US.UTF-8"
+attribute :template, kind_of: String, default: "template0"
+attribute :owner,    kind_of: String
+
+attr_accessor :exists

data/cookbooks/postgresql/resources/user.rb

@@ -0,0 +1,20 @@
+#
+# Cookbook Name:: postgresql
+# Resource:: user
+#
+
+actions :create, :update, :drop
+
+default_action :create
+
+attribute :name,               kind_of: String, name_attribute: true
+attribute :superuser,          kind_of: [TrueClass, FalseClass], default: false
+attribute :createdb,           kind_of: [TrueClass, FalseClass], default: false
+attribute :createrole,         kind_of: [TrueClass, FalseClass], default: false
+attribute :inherit,            kind_of: [TrueClass, FalseClass], default: true
+attribute :replication,        kind_of: [TrueClass, FalseClass], default: false
+attribute :login,              kind_of: [TrueClass, FalseClass], default: true
+attribute :password,           kind_of: String
+attribute :encrypted_password, kind_of: String
+
+attr_accessor :exists

data/cookbooks/postgresql/test/unit/debian_server_spec.rb

@@ -0,0 +1,72 @@
+require 'spec_helper'
+
+describe 'debian::postgresql::server' do
+  let(:chef_application) do
+    double('Chef::Application',fatal!:false);
+  end
+  let(:chef_run) do
+    runner = ChefSpec::SoloRunner.new(
+      platform: 'debian', version: '7.4'
+    ) do |node|
+      node.automatic['memory']['total'] = '2048kB'
+      node.automatic['ipaddress'] = '1.1.1.1'
+      node.set['postgresql']['version'] = '9.1'
+      node.set['postgresql']['password']['postgres'] = 'password'
+    end
+    runner.converge('postgresql::server')
+  end
+  before do
+    stub_const('Chef::Application',chef_application)
+    allow(File).to receive(:directory?).and_call_original
+    allow(File).to receive(:directory?).with('/etc/postgresql/9.1/main').and_return(false)
+    stub_command("ls /var/lib/postgresql/9.1/main/recovery.conf").and_return(false)
+  end
+
+  it 'Install postgresql 9.1' do
+    expect(chef_run).to install_package('postgresql-9.1')
+  end
+
+  it 'Install postgresql 9.1 client' do
+    expect(chef_run).to install_package('postgresql-client-9.1')
+  end
+
+  it 'Install postgresql 9.1 dev files' do
+    expect(chef_run).to install_package('libpq-dev')
+  end
+
+  it 'Enable and start service postgresql' do
+    expect(chef_run).to enable_service('postgresql')
+    expect(chef_run).to start_service('postgresql')
+  end
+
+  it 'Create configuration files' do
+    expect(chef_run).to create_template('/etc/postgresql/9.1/main/postgresql.conf')
+    expect(chef_run).to create_template('/etc/postgresql/9.1/main/pg_hba.conf')
+  end
+
+  it 'Assign Postgres Password' do
+    expect(chef_run).to run_bash('assign-postgres-password')
+  end
+
+  context 'when running as a standby host' do
+    it 'does not assign the Postgres password' do
+      stub_command("ls /var/lib/postgresql/9.1/main/recovery.conf").and_return(false)
+      expect(chef_run).to_not run_bash('assign_postgres_password')
+    end
+  end
+
+  it 'Launch Cluster Creation' do
+    expect(chef_run).to run_execute('Set locale and Create cluster')
+  end
+
+  context 'Directory /etc/postgresql/9.1/main exist' do
+    before do
+      allow(File).to receive(:directory?).and_call_original
+      allow(File).to receive(:directory?).with('/etc/postgresql/9.1/main').and_return(true)
+    end
+
+    it 'Don\'t launch Cluster Creation' do
+      expect(chef_run).to_not run_execute('Set locale and Create cluster')
+    end
+  end
+end

data/cookbooks/postgresql/test/unit/default_spec.rb

@@ -0,0 +1,37 @@
+require 'spec_helper'
+
+describe 'postgresql::default' do
+  platforms = {
+    'ubuntu' => {
+      'versions' => ['10.04', '12.04', '14.04']
+     },
+    'centos' => {
+       'versions' => ['6.4', '7.0']
+     },
+    'redhat' => {
+       'versions' => ['6.5', '7.0']
+     },
+    'debian' => {
+       'versions' => ['7.6']
+     }
+  }
+
+  platforms.each do |platform, config|
+    config['versions'].each do |version|
+      context "on #{platform} #{version}" do
+        let(:chef_run) {
+          ChefSpec::SoloRunner.new(
+            :platform => platform.to_s,
+            :version => version.to_s
+          ) do |node|
+          node.set['postgresql']['password']['postgres'] = 'ilikewaffles'
+          end.converge(described_recipe)
+        }
+
+        it 'runs no tests' do
+          expect(chef_run)
+        end
+      end
+    end
+  end
+end

data/cookbooks/postgresql/test/unit/server_spec.rb

@@ -0,0 +1,41 @@
+require 'spec_helper'
+
+describe 'postgresql::server' do
+  platforms = {
+    'ubuntu' => {
+      'versions' => ['10.04', '12.04', '14.04']
+     },
+    'centos' => {
+       'versions' => ['6.4', '7.0']
+     },
+    'redhat' => {
+       'versions' => ['6.5', '7.0']
+     },
+    'debian' => {
+       'versions' => ['7.6']
+     }
+  }
+
+  platforms.each do |platform, config|
+    config['versions'].each do |version|
+      context "on #{platform} #{version}" do
+        let(:chef_run) {
+          ChefSpec::SoloRunner.new(
+            :platform => platform.to_s,
+            :version => version.to_s
+          ) do |node|
+          node.set['postgresql']['password']['postgres'] = 'ilikewaffles'
+          end.converge(described_recipe)
+        }
+
+        before do
+          stub_command(/ls \/.*\/recovery.conf/).and_return(false)
+        end
+
+        it 'runs no tests' do
+          expect(chef_run)
+        end
+      end
+    end
+  end
+end

data/cookbooks/postgresql/test/unit/spec_helper.rb

@@ -0,0 +1,20 @@
+COOKBOOK_RESOLVERS = {
+  'batali' => ['Batali', 'batali/chefspec'],
+  'berkshelf' => ['Berksfile', 'chefspec/berkshelf'],
+  'librarian' => ['Cheffile', 'chefspec/librarian']
+}
+
+require 'chefspec'
+
+if ENV['COOKBOOK_RESOLVER']
+  require COOKBOOK_RESOLVERS[ENV['COOKBOOK_RESOLVER']]
+else
+  resolver_lib = COOKBOOK_RESOLVERS.values.detect do |r_file, _r_lib|
+    File.exist?(File.join(File.dirname(__FILE__), '..', '..', r_file))
+  end
+  fail 'Failed to locate valid cookbook resolver files!' unless resolver_lib
+  puts "Resolving cookbooks from #{resolver_lib.first}"
+  require resolver_lib.last
+end
+
+at_exit { ChefSpec::Coverage.report! }

data/cookbooks/scratchify/Berksfile

@@ -7,7 +7,7 @@ metadata
 
 cookbook 'user'
 cookbook 'rvm', github: 'fnichol/chef-rvm'
-cookbook 'postgresql'
+cookbook 'postgresql', path: '../postgresql'
 
 # cookbook 'dpkg_packages', git: "https://gitlab.acid.cl/acidlabs/chef-dpkg-packages.git"
 # cookbook 'nginx',         git: "https://gitlab.acid.cl/acidlabs/chef-nginx.git"

data/cookbooks/scratchify/Berksfile.lock

@@ -1,5 +1,6 @@
 DEPENDENCIES
   postgresql
+    path: ../postgresql
   rvm
     git: git://github.com/fnichol/chef-rvm.git
     revision: 08ec265f277e112a5a2e4b201bd32ddfe1bb968c
@@ -14,12 +15,12 @@ GRAPH
   chef-sugar (3.1.1)
   chef_gem (0.1.0)
   java (1.35.0)
-  openssl (4.0.0)
-    chef-sugar (>= 0.0.0)
-  postgresql (3.4.20)
+  openssl (4.4.0)
+    chef-sugar (>= 3.1.1)
+  postgresql (3.4.21)
     apt (>= 1.9.0)
     build-essential (>= 0.0.0)
-    openssl (~> 4.0.0)
+    openssl (~> 4.0)
   rvm (0.10.1)
     chef_gem (>= 0.0.0)
     java (>= 0.0.0)

data/cookbooks/scratchify/lib/from-scratch.rb

@@ -7,6 +7,7 @@ module FromScratch
     app_name, host = ARGV
     ssh_pub_key = `cat ~/.ssh/id_rsa.pub`.strip
     postgresql_admin_password = `echo -n '#{SecureRandom.hex(64)}''postgres' | openssl md5 | sed -e 's/.* /md5/'`.strip
+    postgresql_user_password = SecureRandom.hex(16)
 
     { node: ['nodes', host], user: ['data_bags/users', 'deploy'] }.each do |from, to|
       FileUtils.mkdir_p File.expand_path("../../tmp/#{to[0]}", __FILE__)

data/cookbooks/scratchify/lib/from-scratch/version.rb

@@ -1,3 +1,3 @@
 module FromScratch
-  VERSION = "0.1.1"
+  VERSION = "0.2.0"
 end

data/cookbooks/scratchify/templates/node.json.erb

@@ -3,6 +3,8 @@
     "recipe[rvm::system]",
     "recipe[postgresql::server]",
     "recipe[postgresql::config_pgtune]",
+    "recipe[postgresql::setup_users]",
+    "recipe[postgresql::setup_databases]",
     "recipe[user::data_bag]",
     "recipe[scratchify]"
   ],
@@ -23,6 +25,21 @@
     "password": {
       "postgres": "<%= postgresql_admin_password %>"
     },
+    "users": [
+      {
+        "username": "<%= app_name %>",
+        "superuser": false,
+        "createdb": false,
+        "login": true,
+        "password": "<%= postgresql_user_password %>"
+      }
+    ],
+    "databases": [
+      {
+        "name": "<%= app_name %>",
+        "owner": "<%= app_name %>"
+      }
+    ],
     "config_pgtune": {
       "db_type": "web"
     }

data/from-scratch.gemspec

@@ -20,8 +20,8 @@ Gem::Specification.new do |spec|
 
   spec.add_development_dependency "bundler", "~> 1.10"
   spec.add_development_dependency "rake", "~> 10.0"
-  spec.add_development_dependency 'rspec', "~> 3.3.0"
-  spec.add_development_dependency 'pry'
+  spec.add_development_dependency 'rspec', "~> 3.3"
+  spec.add_development_dependency 'pry', "~> 0.10"
 
   spec.add_dependency 'knife-solo'
   spec.add_dependency 'knife-solo_data_bag'