From: Martin Zobel-Helas Date: Sun, 31 May 2015 17:00:18 +0000 (+0000) Subject: move to puppetlabs rabbitmq module X-Git-Url: https://git.donarmstrong.com/?p=dsa-puppet.git;a=commitdiff_plain;h=eeab194fb2334a6e1f9f084cba107e9cf40aa8f7;hp=917f80937c03a7f486d25fa70373f1f4d4b02958 move to puppetlabs rabbitmq module Signed-off-by: Martin Zobel-Helas --- diff --git a/3rdparty/Puppetfile b/3rdparty/Puppetfile index 5b1d0e43..8357f92d 100644 --- a/3rdparty/Puppetfile +++ b/3rdparty/Puppetfile @@ -1,9 +1,9 @@ forge "http://forge.puppetlabs.com" -#mod 'puppetlabs/rabbitmq', '5.1.0' #mod 'puppetlabs/xinetd', '1.5.0' #mod 'puppetlabs/stunnel', '0.1.0' mod 'puppetlabs/stdlib', '4.6.0' mod 'puppetlabs/concat', '1.2.2' +mod 'puppetlabs/rabbitmq', '5.2.1' mod 'elasticsearch/elasticsearch', '0.9.5' diff --git a/3rdparty/modules/rabbitmq/CHANGELOG.md b/3rdparty/modules/rabbitmq/CHANGELOG.md new file mode 100644 index 00000000..9800626d --- /dev/null +++ b/3rdparty/modules/rabbitmq/CHANGELOG.md @@ -0,0 +1,261 @@ +## 2015-05-26 - Version 5.2.1 +###Summary +This release includes a fix for idempotency between puppet runs, as well as Readme updates + +####Features +- Readme updates +- Testing updates + +####Bugfixes +- Ensure idempotency between Puppet runs + +## 2015-04-28 - Version 5.2.0 +###Summary +This release adds several new features for expanded configuration, support for SSL Ciphers, several bugfixes, and improved tests. + +####Features +- New parameters to class `rabbitmq` + - `ssl_ciphers` +- New parameters to class `rabbitmq::config` + - `interface` + - `ssl_interface` +- New parameters to type `rabbitmq_exchange` + - `internal` + - `auto_delete` + - `durable` +- Adds syncing with Modulesync +- Adds support for SSL Ciphers +- Adds `file_limit` support for RedHat platforms + +####Bugfixes +- Will not create `rabbitmqadmin.conf` if admin is disabled +- Fixes `check_password` +- Fix to allow bindings and queues to be created when non-default management port is being used by rabbitmq. (MODULES-1856) +- `rabbitmq_policy` converts known parameters to integers +- Updates apt key for full fingerprint compliance. +- Adds a missing `routing_key` param to rabbitmqadmin absent binding call. + +## 2015-03-10 - Version 5.1.0 +###Summary +This release adds several features for greater flexibility in configuration of rabbitmq, includes a number of bug fixes, and bumps the minimum required version of puppetlabs-stdlib to 3.0.0. + +####Changes to defaults +- The default environment variables in `rabbitmq::config` have been renamed from `RABBITMQ_NODE_PORT` and `RABBITMQ_NODE_IP_ADDRESS` to `NODE_PORT` and `NODE_IP_ADDRESS` (MODULES-1673) + +####Features +- New parameters to class `rabbitmq` + - `file_limit` + - `interface` + - `ldap_other_bind` + - `ldap_config_variables` + - `ssl_interface` + - `ssl_versions` + - `rabbitmq_group` + - `rabbitmq_home` + - `rabbitmq_user` +- Add `rabbitmq_queue` and `rabbitmq_binding` types +- Update the providers to be able to retry commands + +####Bugfixes +- Cleans up the formatting for rabbitmq.conf for readability +- Update tag splitting in the `rabbitmqctl` provider for `rabbitmq_user` to work with comma or space separated tags +- Do not enforce the source value for the yum provider (MODULES-1631) +- Fix conditional around `$pin` +- Remove broken SSL option in rabbitmqadmin.conf (MODULES-1691) +- Fix issues in `rabbitmq_user` with admin and no tags +- Fix issues in `rabbitmq_user` with tags not being sorted +- Fix broken check for existing exchanges in `rabbitmq_exchange` + +## 2014-12-22 - Version 5.0.0 +### Summary + +This release fixes a longstanding security issue where the rabbitmq +erlang cookie was exposed as a fact by managing the cookie with a +provider. It also drops support for Puppet 2.7, adds many features +and fixes several bugs. + +#### Backwards-incompatible Changes + +- Removed the rabbitmq_erlang_cookie fact and replaced the logic to + manage that cookie with a provider. +- Dropped official support for Puppet 2.7 (EOL 9/30/2014 + https://groups.google.com/forum/#!topic/puppet-users/QLguMcLraLE ) +- Changed the default value of $rabbitmq::params::ldap_user_dn_pattern + to not contain a variable +- Removed deprecated parameters: $rabbitmq::cluster_disk_nodes, + $rabbitmq::server::manage_service, and + $rabbitmq::server::config_mirrored_queues + +#### Features + +- Add tcp_keepalive parameter to enable TCP keepalive +- Use https to download rabbitmqadmin tool when $rabbitmq::ssl is true +- Add key_content parameter for offline Debian package installations +- Use 16 character apt key to avoid potential collisions +- Add rabbitmq_policy type, including support for rabbitmq <3.2.0 +- Add rabbitmq::ensure_repo parameter +- Add ability to change rabbitmq_user password +- Allow disk as a valid cluster node type + +#### Bugfixes + +- Avoid attempting to install rabbitmqadmin via a proxy (since it is + downloaded from localhost) +- Optimize check for RHEL GPG key +- Configure ssl_listener in stomp only if using ssl +- Use rpm as default package provider for RedHat, bringing the module in + line with the documented instructions to manage erlang separately and allowing + the default version and source parameters to become meaningful +- Configure cacertfile only if verify_none is not set +- Use -q flag for rabbitmqctl commands to avoid parsing inconsistent + debug output +- Use the -m flag for rabbitmqplugins commands, again to avoid parsing + inconsistent debug output +- Strip backslashes from the rabbitmqctl output to avoid parsing issues +- Fix limitation where version parameter was ignored +- Add /etc/rabbitmq/rabbitmqadmin.conf to fix rabbitmqadmin port usage + when ssl is on +- Fix linter errors and warnings +- Add, update, and fix tests +- Update docs + +## 2014-08-20 - Version 4.1.0 +### Summary + +This release adds several new features, fixes bugs, and improves tests and +documentation. + +#### Features +- Autorequire the rabbitmq-server service in the rabbitmq_vhost type +- Add credentials to rabbitmqadmin URL +- Added $ssl_only parameter to rabbitmq, rabbitmq::params, and +rabbitmq::config +- Added property tags to rabbitmq_user provider + +#### Bugfixes +- Fix erroneous commas in rabbitmq::config +- Use correct ensure value for the rabbitmq_stomp rabbitmq_plugin +- Set HOME env variable to nil when leveraging rabbitmq to remove type error +from Python script +- Fix location for rabbitmq-plugins for RHEL +- Remove validation for package_source to allow it to be set to false +- Allow LDAP auth configuration without configuring stomp +- Added missing $ssl_verify and $ssl_fail_if_no_peer_cert to rabbitmq::config + +## 2014-05-16 - Version 4.0.0 +### Summary + +This release includes many new features and bug fixes. With the exception of +erlang management this should be backwards compatible with 3.1.0. + +#### Backwards-incompatible Changes +- erlang_manage was removed. You will need to manage erlang separately. See +the README for more information on how to configure this. + +#### Features +- Improved SSL support +- Add LDAP support +- Add ability to manage RabbitMQ repositories +- Add ability to manage Erlang kernel configuration options +- Improved handling of user tags +- Use nanliu-staging module instead of hardcoded 'curl' +- Switch to yum or zypper provider instead of rpm +- Add ability to manage STOMP plugin installation. +- Allow empty permission fields +- Convert existing system tests to beaker acceptance tests. + +#### Bugfixes +- exchanges no longer recreated on each puppet run if non-default vhost is used +- Allow port to be UNSET +- Re-added rabbitmq::server class +- Deprecated previously unused manage_service variable in favor of + service_manage +- Use correct key for rabbitmq apt::source +- config_mirrored_queues variable removed + - It previously did nothing, will now at least throw a warning if you try to + use it +- Remove unnecessary dependency on Class['rabbitmq::repo::rhel'] in + rabbitmq::install + + +## 2013-09-14 - Version 3.1.0 +### Summary + +This release focuses on a few small (but critical) bugfixes as well as extends +the amount of custom RabbitMQ configuration you can do with the module. + +#### Features +- You can now change RabbitMQ 'Config Variables' via the parameter `config_variables`. +- You can now change RabbitMQ 'Environment Variables' via the parameter `environment_variables`. +- ArchLinux support added. + +#### Fixes +- Make use of the user/password parameters in rabbitmq_exchange{} +- Correct the read/write parameter order on set_permissions/list_permissions as + they were reversed. +- Make the module pull down 3.1.5 by default. + +## 2013-07-18 3.0.0 +### Summary + +This release heavily refactors the RabbitMQ and changes functionality in +several key ways. Please pay attention to the new README.md file for +details of how to interact with the class now. Puppet 3 and RHEL are +now fully supported. The default version of RabbitMQ has changed to +a 3.x release. + +#### Bugfixes + +- Improve travis testing options. +- Stop reimporting the GPG key on every run on RHEL and Debian. +- Fix documentation to make it clear you don't have to set provider => each time. +- Reference the standard rabbitmq port in the documentation instead of a custom port. +- Fixes to the README formatting. + +#### Features +- Refactor the module to fix RHEL support. All interaction with the module +is now done through the main rabbitmq class. +- Add support for mirrored queues (Only on Debian family distributions currently) +- Add rabbitmq_exchange provider (using rabbitmqadmin) +- Add new `rabbitmq` class parameters: + - `manage_service`: Boolean to choose if Puppet should manage the service. (For pacemaker/HA setups) +- Add SuSE support. + +#### Incompatible Changes + +- Rabbitmq::server has been removed and is now rabbitmq::config. You should +not use this class directly, only via the main rabbitmq class. + +## 2013-04-11 2.1.0 + +- remove puppetversion from rabbitmq.config template +- add cluster support +- escape resource names in regexp + +## 2012-07-31 Jeff McCune 2.0.2 +- Re-release 2.0.1 with $EDITOR droppings cleaned up + +## 2012-05-03 2.0.0 +- added support for new-style admin users +- added support for rabbitmq 2.7.1 + +## 2011-06-14 Dan Bode 2.0.0rc1 +- Massive refactor: +- added native types for user/vhost/user_permissions +- added apt support for vendor packages +- added smoke tests + +## 2011-04-08 Jeff McCune 1.0.4 +- Update module for RabbitMQ 2.4.1 and rabbitmq-plugin-stomp package. + +## 2011-03-24 1.0.3 +- Initial release to the forge. Reviewed by Cody. Whitespace is good. + +## 2011-03-22 1.0.2 +- Whitespace only fix again... ack '\t' is my friend... + +## 2011-03-22 1.0.1 +- Whitespace only fix. + +## 2011-03-22 1.0.0 +- Initial Release. Manage the package, file and service. diff --git a/3rdparty/modules/rabbitmq/CONTRIBUTING.md b/3rdparty/modules/rabbitmq/CONTRIBUTING.md new file mode 100644 index 00000000..f1cbde4b --- /dev/null +++ b/3rdparty/modules/rabbitmq/CONTRIBUTING.md @@ -0,0 +1,220 @@ +Checklist (and a short version for the impatient) +================================================= + + * Commits: + + - Make commits of logical units. + + - Check for unnecessary whitespace with "git diff --check" before + committing. + + - Commit using Unix line endings (check the settings around "crlf" in + git-config(1)). + + - Do not check in commented out code or unneeded files. + + - The first line of the commit message should be a short + description (50 characters is the soft limit, excluding ticket + number(s)), and should skip the full stop. + + - Associate the issue in the message. The first line should include + the issue number in the form "(#XXXX) Rest of message". + + - The body should provide a meaningful commit message, which: + + - uses the imperative, present tense: "change", not "changed" or + "changes". + + - includes motivation for the change, and contrasts its + implementation with the previous behavior. + + - Make sure that you have tests for the bug you are fixing, or + feature you are adding. + + - Make sure the test suites passes after your commit: + `bundle exec rspec spec/acceptance` More information on [testing](#Testing) below + + - When introducing a new feature, make sure it is properly + documented in the README.md + + * Submission: + + * Pre-requisites: + + - Make sure you have a [GitHub account](https://github.com/join) + + - [Create a ticket](https://tickets.puppetlabs.com/secure/CreateIssue!default.jspa), or [watch the ticket](https://tickets.puppetlabs.com/browse/) you are patching for. + + * Preferred method: + + - Fork the repository on GitHub. + + - Push your changes to a topic branch in your fork of the + repository. (the format ticket/1234-short_description_of_change is + usually preferred for this project). + + - Submit a pull request to the repository in the puppetlabs + organization. + +The long version +================ + + 1. Make separate commits for logically separate changes. + + Please break your commits down into logically consistent units + which include new or changed tests relevant to the rest of the + change. The goal of doing this is to make the diff easier to + read for whoever is reviewing your code. In general, the easier + your diff is to read, the more likely someone will be happy to + review it and get it into the code base. + + If you are going to refactor a piece of code, please do so as a + separate commit from your feature or bug fix changes. + + We also really appreciate changes that include tests to make + sure the bug is not re-introduced, and that the feature is not + accidentally broken. + + Describe the technical detail of the change(s). If your + description starts to get too long, that is a good sign that you + probably need to split up your commit into more finely grained + pieces. + + Commits which plainly describe the things which help + reviewers check the patch and future developers understand the + code are much more likely to be merged in with a minimum of + bike-shedding or requested changes. Ideally, the commit message + would include information, and be in a form suitable for + inclusion in the release notes for the version of Puppet that + includes them. + + Please also check that you are not introducing any trailing + whitespace or other "whitespace errors". You can do this by + running "git diff --check" on your changes before you commit. + + 2. Sending your patches + + To submit your changes via a GitHub pull request, we _highly_ + recommend that you have them on a topic branch, instead of + directly on "master". + It makes things much easier to keep track of, especially if + you decide to work on another thing before your first change + is merged in. + + GitHub has some pretty good + [general documentation](http://help.github.com/) on using + their site. They also have documentation on + [creating pull requests](http://help.github.com/send-pull-requests/). + + In general, after pushing your topic branch up to your + repository on GitHub, you can switch to the branch in the + GitHub UI and click "Pull Request" towards the top of the page + in order to open a pull request. + + + 3. Update the related GitHub issue. + + If there is a GitHub issue associated with the change you + submitted, then you should update the ticket to include the + location of your branch, along with any other commentary you + may wish to make. + +Testing +======= + +Getting Started +--------------- + +Our puppet modules provide [`Gemfile`](./Gemfile)s which can tell a ruby +package manager such as [bundler](http://bundler.io/) what Ruby packages, +or Gems, are required to build, develop, and test this software. + +Please make sure you have [bundler installed](http://bundler.io/#getting-started) +on your system, then use it to install all dependencies needed for this project, +by running + +```shell +% bundle install +Fetching gem metadata from https://rubygems.org/........ +Fetching gem metadata from https://rubygems.org/.. +Using rake (10.1.0) +Using builder (3.2.2) +-- 8><-- many more --><8 -- +Using rspec-system-puppet (2.2.0) +Using serverspec (0.6.3) +Using rspec-system-serverspec (1.0.0) +Using bundler (1.3.5) +Your bundle is complete! +Use `bundle show [gemname]` to see where a bundled gem is installed. +``` + +NOTE some systems may require you to run this command with sudo. + +If you already have those gems installed, make sure they are up-to-date: + +```shell +% bundle update +``` + +With all dependencies in place and up-to-date we can now run the tests: + +```shell +% rake spec +``` + +This will execute all the [rspec tests](http://rspec-puppet.com/) tests +under [spec/defines](./spec/defines), [spec/classes](./spec/classes), +and so on. rspec tests may have the same kind of dependencies as the +module they are testing. While the module defines in its [Modulefile](./Modulefile), +rspec tests define them in [.fixtures.yml](./fixtures.yml). + +Some puppet modules also come with [beaker](https://github.com/puppetlabs/beaker) +tests. These tests spin up a virtual machine under +[VirtualBox](https://www.virtualbox.org/)) with, controlling it with +[Vagrant](http://www.vagrantup.com/) to actually simulate scripted test +scenarios. In order to run these, you will need both of those tools +installed on your system. + +You can run them by issuing the following command + +```shell +% rake spec_clean +% rspec spec/acceptance +``` + +This will now download a pre-fabricated image configured in the [default node-set](./spec/acceptance/nodesets/default.yml), +install puppet, copy this module and install its dependencies per [spec/spec_helper_acceptance.rb](./spec/spec_helper_acceptance.rb) +and then run all the tests under [spec/acceptance](./spec/acceptance). + +Writing Tests +------------- + +XXX getting started writing tests. + +If you have commit access to the repository +=========================================== + +Even if you have commit access to the repository, you will still need to +go through the process above, and have someone else review and merge +in your changes. The rule is that all changes must be reviewed by a +developer on the project (that did not write the code) to ensure that +all changes go through a code review process. + +Having someone other than the author of the topic branch recorded as +performing the merge is the record that they performed the code +review. + + +Additional Resources +==================== + +* [Getting additional help](http://puppetlabs.com/community/get-help) + +* [Writing tests](http://projects.puppetlabs.com/projects/puppet/wiki/Development_Writing_Tests) + +* [Patchwork](https://patchwork.puppetlabs.com) + +* [General GitHub documentation](http://help.github.com/) + +* [GitHub pull request documentation](http://help.github.com/send-pull-requests/) + diff --git a/3rdparty/modules/rabbitmq/Gemfile b/3rdparty/modules/rabbitmq/Gemfile new file mode 100644 index 00000000..2b1b7cd8 --- /dev/null +++ b/3rdparty/modules/rabbitmq/Gemfile @@ -0,0 +1,47 @@ +source ENV['GEM_SOURCE'] || "https://rubygems.org" + +def location_for(place, fake_version = nil) + if place =~ /^(git:[^#]*)#(.*)/ + [fake_version, { :git => $1, :branch => $2, :require => false }].compact + elsif place =~ /^file:\/\/(.*)/ + ['>= 0', { :path => File.expand_path($1), :require => false }] + else + [place, { :require => false }] + end +end + +group :development, :unit_tests do + gem 'rspec-core', '3.1.7', :require => false + gem 'puppetlabs_spec_helper', :require => false + gem 'simplecov', :require => false + gem 'puppet_facts', :require => false + gem 'json', :require => false +end + +group :system_tests do + if beaker_version = ENV['BEAKER_VERSION'] + gem 'beaker', *location_for(beaker_version) + end + if beaker_rspec_version = ENV['BEAKER_RSPEC_VERSION'] + gem 'beaker-rspec', *location_for(beaker_rspec_version) + else + gem 'beaker-rspec', :require => false + end + gem 'serverspec', :require => false +end + + + +if facterversion = ENV['FACTER_GEM_VERSION'] + gem 'facter', facterversion, :require => false +else + gem 'facter', :require => false +end + +if puppetversion = ENV['PUPPET_GEM_VERSION'] + gem 'puppet', puppetversion, :require => false +else + gem 'puppet', :require => false +end + +# vim:ft=ruby diff --git a/3rdparty/modules/rabbitmq/LICENSE b/3rdparty/modules/rabbitmq/LICENSE new file mode 100644 index 00000000..297f85cf --- /dev/null +++ b/3rdparty/modules/rabbitmq/LICENSE @@ -0,0 +1,201 @@ + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS + + APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "[]" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + + Copyright 2013 Puppet Labs + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. diff --git a/3rdparty/modules/rabbitmq/README.md b/3rdparty/modules/rabbitmq/README.md new file mode 100644 index 00000000..72c1ea03 --- /dev/null +++ b/3rdparty/modules/rabbitmq/README.md @@ -0,0 +1,609 @@ +#rabbitmq + +####Table of Contents + +1. [Overview](#overview) +2. [Module Description - What the module does and why it is useful](#module-description) +3. [Setup - The basics of getting started with rabbitmq](#setup) + * [What rabbitmq affects](#what-rabbitmq-affects) + * [Setup requirements](#setup-requirements) + * [Beginning with rabbitmq](#beginning-with-rabbitmq) +4. [Usage - Configuration options and additional functionality](#usage) +5. [Reference - An under-the-hood peek at what the module is doing and how](#reference) +5. [Limitations - OS compatibility, etc.](#limitations) + * [RedHat module dependencies](#redhat-module-dependecies) +6. [Development - Guide for contributing to the module](#development) + +##Overview + +This module manages RabbitMQ (www.rabbitmq.com) + +##Module Description +The rabbitmq module sets up rabbitmq and has a number of providers to manage +everything from vhosts to exchanges after setup. + +This module has been tested against 2.7.1 and is known to not support +all features against earlier versions. + +##Setup + +###What rabbitmq affects + +* rabbitmq repository files. +* rabbitmq package. +* rabbitmq configuration file. +* rabbitmq service. + +###Beginning with rabbitmq + + +```puppet +include '::rabbitmq' +``` + +##Usage + +All options and configuration can be done through interacting with the parameters +on the main rabbitmq class. These are documented below. + +##rabbitmq class + +To begin with the rabbitmq class controls the installation of rabbitmq. In here +you can control many parameters relating to the package and service, such as +disabling puppet support of the service: + +```puppet +class { '::rabbitmq': + service_manage => false, + port => '5672', + delete_guest_user => true, +} +``` + +Or such as offline installation from intranet or local mirrors: + +```puppet +class { '::rabbitmq': + key_content => template('openstack/rabbit.pub.key'), + package_gpg_key => '/tmp/rabbit.pub.key', +} +``` + +And this one will use external package key source for any (apt/rpm) package provider: + +```puppet +class { '::rabbitmq': + package_gpg_key => 'http://www.some_site.some_domain/some_key.pub.key', +} +``` + +### Environment Variables +To use RabbitMQ Environment Variables, use the parameters `environment_variables` e.g.: + +```puppet +class { 'rabbitmq': + port => '5672', + environment_variables => { + 'NODENAME' => 'node01', + 'SERVICENAME' => 'RabbitMQ' + } +} +``` + +### Variables Configurable in rabbitmq.config +To change RabbitMQ Config Variables in rabbitmq.config, use the parameters `config_variables` e.g.: + +```puppet +class { 'rabbitmq': + port => '5672', + config_variables => { + 'hipe_compile' => true, + 'frame_max' => 131072, + 'log_levels' => "[{connection, info}]" + } +} +``` + +To change Erlang Kernel Config Variables in rabbitmq.config, use the parameters +`config_kernel_variables` e.g.: + +```puppet +class { 'rabbitmq': + port => '5672', + config_kernel_variables => { + 'inet_dist_listen_min' => 9100, + 'inet_dist_listen_max' => 9105, + } +} +``` + +### Clustering +To use RabbitMQ clustering facilities, use the rabbitmq parameters +`config_cluster`, `cluster_nodes`, and `cluster_node_type`, e.g.: + +```puppet +class { 'rabbitmq': + config_cluster => true, + cluster_nodes => ['rabbit1', 'rabbit2'], + cluster_node_type => 'ram', + erlang_cookie => 'A_SECRET_COOKIE_STRING', + wipe_db_on_cookie_change => true, +} +``` + +##Reference + +##Classes + +* rabbitmq: Main class for installation and service management. +* rabbitmq::config: Main class for rabbitmq configuration/management. +* rabbitmq::install: Handles package installation. +* rabbitmq::params: Different configuration data for different systems. +* rabbitmq::service: Handles the rabbitmq service. +* rabbitmq::repo::apt: Handles apt repo for Debian systems. +* rabbitmq::repo::rhel: Handles rpm repo for Redhat systems. + +###Parameters + +####`admin_enable` + +Boolean, if enabled sets up the management interface/plugin for RabbitMQ. + +####`cluster_node_type` + +Choose between disk and ram nodes. + +####`cluster_nodes` + +An array of nodes for clustering. + +####`cluster_partition_handling` + +Value to set for `cluster_partition_handling` RabbitMQ configuration variable. + +####`config` + +The file to use as the rabbitmq.config template. + +####`config_cluster` + +Boolean to enable or disable clustering support. + +####`config_kernel_variables` + +Hash of Erlang kernel configuration variables to set (see [Variables Configurable in rabbitmq.config](#variables-configurable-in-rabbitmq.config)). + +####`config_mirrored_queues` + +DEPRECATED + +Configuring queue mirroring should be done by setting the according policy for +the queue. You can read more about it +[here](http://www.rabbitmq.com/ha.html#genesis) + +####`config_path` + +The path to write the RabbitMQ configuration file to. + +####`config_stomp` + +Boolean to enable or disable stomp. + +####`config_variables` + +To set config variables in rabbitmq.config + +####`default_user` + +Username to set for the `default_user` in rabbitmq.config. + +####`default_pass` + +Password to set for the `default_user` in rabbitmq.config. + +####`delete_guest_user` + +Boolean to decide if we should delete the default guest user. + +####`env_config` + +The template file to use for rabbitmq_env.config. + +####`env_config_path` + +The path to write the rabbitmq_env.config file to. + +####`environment_variables` + +RabbitMQ Environment Variables in rabbitmq_env.config + +####`erlang_cookie` + +The erlang cookie to use for clustering - must be the same between all nodes. +This value has no default and must be set explicitly if using clustering. + +####`file_limit` + +Set rabbitmq file ulimit. Defaults to 16384. Only available on systems with +`$::osfamily == 'Debian'` or `$::osfamily == 'RedHat'`. + +####`key_content` + +Uses content method for Debian OS family. Should be a template for apt::source +class. Overrides `package_gpg_key` behavior, if enabled. Undefined by default. + +####`ldap_auth` + +Boolean, set to true to enable LDAP auth. + +####`ldap_server` + +LDAP server to use for auth. + +####`ldap_user_dn_pattern` + +User DN pattern for LDAP auth. + +####`ldap_other_bind` + +How to bind to the LDAP server. Defaults to 'anon'. + +####`ldap_config_variables` + +Hash of other LDAP config variables. + +####`ldap_use_ssl` + +Boolean, set to true to use SSL for the LDAP server. + +####`ldap_port` + +Numeric port for LDAP server. + +####`ldap_log` + +Boolean, set to true to log LDAP auth. + +####`manage_repos` + +Boolean, whether or not to manage package repositories. + +####`management_port` + +The port for the RabbitMQ management interface. + +####`node_ip_address` + +The value of NODE_IP_ADDRESS in rabbitmq_env.config + +####`package_ensure` + +Determines the ensure state of the package. Set to installed by default, but could +be changed to latest. + +####`package_gpg_key` + +RPM package GPG key to import. Uses source method. Should be a URL for Debian/RedHat +OS family, or a file name for RedHat OS family. +Set to http://www.rabbitmq.com/rabbitmq-signing-key-public.asc by default. +Note, that `key_content`, if specified, would override this parameter for Debian OS family. + +####`package_name` + +The name of the package to install. + +####`package_provider` + +What provider to use to install the package. + +####`package_source` + +Where should the package be installed from? + +On Debian- and Arch-based systems using the default package provider, +this parameter is ignored and the package is installed from the +rabbitmq repository, if enabled with manage_repo => true, or from the +system repository otherwise. If you want to use dpkg as the +package_provider, you must specify a local package_source. + +####`plugin_dir` + +Location of RabbitMQ plugins. + +####`port` + +The RabbitMQ port. + +####`service_ensure` + +The state of the service. + +####`service_manage` + +Determines if the service is managed. + +####`service_name` + +The name of the service to manage. + +####`ssl` + +Configures the service for using SSL. + +####`ssl_only` + +Configures the service to only use SSL. No cleartext TCP listeners will be created. +Requires that ssl => true and port => UNSET also + +####`ssl_cacert` + +CA cert path to use for SSL. + +####`ssl_cert` + +Cert to use for SSL. + +####`ssl_key` + +Key to use for SSL. + +####`ssl_management_port` + +SSL management port. + +####`ssl_stomp_port` + +SSL stomp port. + +####`ssl_verify` + +rabbitmq.config SSL verify setting. + +####`ssl_fail_if_no_peer_cert` + +rabbitmq.config `fail_if_no_peer_cert` setting. + +####`ssl_versions` + +Choose which SSL versions to enable. Example: `['tlsv1.2', 'tlsv1.1']`. + +Note that it is recommended to disable `sslv3` and `tlsv1` to prevent against POODLE and BEAST attacks. Please see the [RabbitMQ SSL](https://www.rabbitmq.com/ssl.html) documentation for more information. + +####`ssl_ciphers` + +Support only a given list of SSL ciphers. Example: `['dhe_rsa,aes_256_cbc,sha','dhe_dss,aes_256_cbc,sha','ecdhe_rsa,aes_256_cbc,sha']`. + +Supported ciphers in your install can be listed with: + rabbitmqctl eval 'ssl:cipher_suites().' +Functionality can be tested with cipherscan or similar tool: https://github.com/jvehent/cipherscan.git + +####`stomp_port` + +The port to use for Stomp. + +####`stomp_ensure` + +Boolean to install the stomp plugin. + +####`tcp_keepalive` + +Boolean to enable TCP connection keepalive for RabbitMQ service. + +####`version` + +Sets the version to install. + +On Debian- and Arch-based operating systems, the version parameter is +ignored and the latest version is installed from the rabbitmq +repository, if enabled with manage_repo => true, or from the system +repository otherwise. + +####`wipe_db_on_cookie_change` + +Boolean to determine if we should DESTROY AND DELETE the RabbitMQ database. + +####`rabbitmq_user` + +String: OS dependent, default defined in param.pp. The system user the rabbitmq daemon runs as. + +####`rabbitmq_group` + +String: OS dependent, default defined in param.pp. The system group the rabbitmq daemon runs as. + +####`rabbitmq_home` + +String: OS dependent. default defined in param.pp. The home directory of the rabbitmq deamon. + +##Native Types + +### rabbitmq\_user + +query all current users: `$ puppet resource rabbitmq_user` + +``` +rabbitmq_user { 'dan': + admin => true, + password => 'bar', +} +``` +Optional parameter tags will set further rabbitmq tags like monitoring, policymaker, etc. +To set the administrator tag use admin-flag. +```puppet +rabbitmq_user { 'dan': + admin => true, + password => 'bar', + tags => ['monitoring', 'tag1'], +} +``` + + +### rabbitmq\_vhost + +query all current vhosts: `$ puppet resource rabbitmq_vhost` + +```puppet +rabbitmq_vhost { 'myvhost': + ensure => present, +} +``` + +### rabbitmq\_exchange + +```puppet +rabbitmq_exchange { 'myexchange@myvhost': + user => 'dan', + password => 'bar', + type => 'topic', + ensure => present, + internal => false, + auto_delete => false, + durable => true, + arguments => { + hash-header => 'message-distribution-hash' + } +} +``` + +### rabbitmq\_queue + +```puppet +rabbitmq_queue { 'myqueue@myvhost': + user => 'dan', + password => 'bar', + durable => true, + auto_delete => false, + arguments => { + x-message-ttl => 123, + x-dead-letter-exchange => 'other' + }, + ensure => present, +} +``` + +### rabbitmq\_binding + +```puppet +rabbitmq_binding { 'myexchange@myqueue@myvhost': + user => 'dan', + password => 'bar', + destination_type => 'queue', + routing_key => '#', + arguments => {}, + ensure => present, +} +``` + +### rabbitmq\_user\_permissions + +```puppet +rabbitmq_user_permissions { 'dan@myvhost': + configure_permission => '.*', + read_permission => '.*', + write_permission => '.*', +} +``` + +### rabbitmq\_policy + +```puppet +rabbitmq_policy { 'ha-all@myvhost': + pattern => '.*', + priority => 0, + applyto => 'all', + definition => { + 'ha-mode' => 'all', + 'ha-sync-mode' => 'automatic', + }, +} +``` + +### rabbitmq\_plugin + +query all currently enabled plugins `$ puppet resource rabbitmq_plugin` + +```puppet +rabbitmq_plugin {'rabbitmq_stomp': + ensure => present, +} +``` + +### rabbitmq\_erlang\_cookie + +This is essentially a private type used by the rabbitmq::config class +to manage the erlang cookie. It replaces the rabbitmq_erlang_cookie fact +from earlier versions of this module. It manages the content of the cookie +usually located at "${rabbitmq_home}/.erlang.cookie", which includes +stopping the rabbitmq service and wiping out the database at +"${rabbitmq_home}/mnesia" if the user agrees to it. We don't recommend using +this type directly. + +##Limitations + +This module has been built on and tested against Puppet 3.x. + +The module has been tested on: + +* RedHat Enterprise Linux 5/6 +* Debian 6/7 +* CentOS 5/6 +* Ubuntu 12.04/14.04 + +Testing on other platforms has been light and cannot be guaranteed. + +### Module dependencies + +If running CentOS/RHEL, and using the yum provider, ensure the epel repo is present. + +To have a suitable erlang version installed on RedHat and Debian systems, +you have to install another puppet module from http://forge.puppetlabs.com/garethr/erlang with: + + puppet module install garethr-erlang + +This module handles the packages for erlang. +To use the module, add the following snippet to your site.pp or an appropriate profile class: + +For RedHat systems: + + include 'erlang' + class { 'erlang': epel_enable => true} + +For Debian systems: + + include 'erlang' + package { 'erlang-base': + ensure => 'latest', + } + +This module also depends on the excellent nanliu/staging module on the Forge: + + puppet module install nanliu-staging + +### Downgrade Issues + +Be advised that there were configuration file syntax and other changes made between RabbitMQ +versions 2 and 3. In order to downgrade from 3 to 2 (not that this is a terribly good idea) +you will need to manually remove all RabbitMQ configuration files (``/etc/rabbitmq``) and +the mnesia directory (usually ``/var/lib/rabbitmq/mnesia``). The latter action will delete +any and all messages stored to disk. + +Failure to do this will result in RabbitMQ failing to start with a cryptic error message about +"init terminating in do_boot", containing "rabbit_upgrade,maybe_upgrade_mnesia". + +##Development + +Puppet Labs modules on the Puppet Forge are open projects, and community +contributions are essential for keeping them great. We can’t access the +huge number of platforms and myriad of hardware, software, and deployment +configurations that Puppet is intended to serve. + +We want to keep it as easy as possible to contribute changes so that our +modules work in your environment. There are a few guidelines that we need +contributors to follow so that we can have a chance of keeping on top of things. + +You can read the complete module contribution guide [on the Puppet Labs wiki.](http://projects.puppetlabs.com/projects/module-site/wiki/Module_contributing) + +### Authors +* Jeff McCune +* Dan Bode +* RPM/RHEL packages by Vincent Janelle +* Puppetlabs Module Team diff --git a/3rdparty/modules/rabbitmq/Rakefile b/3rdparty/modules/rabbitmq/Rakefile new file mode 100644 index 00000000..181157e6 --- /dev/null +++ b/3rdparty/modules/rabbitmq/Rakefile @@ -0,0 +1,10 @@ +require 'puppetlabs_spec_helper/rake_tasks' +require 'puppet-lint/tasks/puppet-lint' + +PuppetLint.configuration.fail_on_warnings = true +PuppetLint.configuration.send('relative') +PuppetLint.configuration.send('disable_80chars') +PuppetLint.configuration.send('disable_class_inherits_from_params_class') +PuppetLint.configuration.send('disable_documentation') +PuppetLint.configuration.send('disable_single_quote_string_with_variables') +PuppetLint.configuration.ignore_paths = ["spec/**/*.pp", "pkg/**/*.pp"] diff --git a/3rdparty/modules/rabbitmq/TODO b/3rdparty/modules/rabbitmq/TODO new file mode 100644 index 00000000..8ae578e9 --- /dev/null +++ b/3rdparty/modules/rabbitmq/TODO @@ -0,0 +1,10 @@ +provider TODO - + - password should be a property and not a param + - what if we tried to log in as that user? + - can permissions from list_user_permissions contain whitespace? + - what about defaultfor :true? + - prefetching for performance + - rabbit plugin should require rabbitmq class + - rabbitmq class should be renamed server?? + - service name should default to -server + - cannot find stomp package diff --git a/3rdparty/modules/rabbitmq/checksums.json b/3rdparty/modules/rabbitmq/checksums.json new file mode 100644 index 00000000..f228740c --- /dev/null +++ b/3rdparty/modules/rabbitmq/checksums.json @@ -0,0 +1,105 @@ +{ + "CHANGELOG.md": "43cb464088dc5a6558ce1f2f119a0f48", + "CONTRIBUTING.md": "e2b8e8e433fc76b3798b7fe435f49375", + "Gemfile": "e62c96457cdaab2a09f1a37479ea6351", + "LICENSE": "6089b6bd1f0d807edb8bdfd76da0b038", + "README.md": "1babcf19c9f1f10e3a594b6b89620b49", + "Rakefile": "d953eb985f82600dc3b9ac6e1f2cfe64", + "TODO": "53cf21155ec1e83e3e167f711fd3ff9f", + "files/README.markdown": "3d44458cc68d8513b51e3b56c604eec4", + "files/plugins/amqp_client-2.3.1.ez": "543ec53b7208fdc2dc4eba3684868011", + "files/plugins/rabbit_stomp-2.3.1.ez": "f552a986409a6d407a080b1aceb80d20", + "lib/puppet/provider/rabbitmq_binding/rabbitmqadmin.rb": "1b7bd0bd9ce3e0303f52178487170f42", + "lib/puppet/provider/rabbitmq_erlang_cookie/ruby.rb": "80c99bb254471ed32e6ee25a9dcb6f73", + "lib/puppet/provider/rabbitmq_exchange/rabbitmqadmin.rb": "f79a7aab47e00a6d29910e09550f03d9", + "lib/puppet/provider/rabbitmq_plugin/rabbitmqplugins.rb": "393eac704e7f906052f4d1c285de364e", + "lib/puppet/provider/rabbitmq_policy/rabbitmqctl.rb": "ea39ffa45a616fcd755c8121338fcbcd", + "lib/puppet/provider/rabbitmq_queue/rabbitmqadmin.rb": "b971f7ec8f5454623d82b35a6c178432", + "lib/puppet/provider/rabbitmq_user/rabbitmqctl.rb": "eeddc61ef6c57e7225c818e494fc6e47", + "lib/puppet/provider/rabbitmq_user_permissions/rabbitmqctl.rb": "35c1224ef9f1191c61cc577d7b496395", + "lib/puppet/provider/rabbitmq_vhost/rabbitmqctl.rb": "3e4754621f03062a4620950134cb2042", + "lib/puppet/provider/rabbitmqctl.rb": "59d97156cab9dba9008426e650df17bc", + "lib/puppet/type/rabbitmq_binding.rb": "5c19f5f98247d4ee5286e16242a53441", + "lib/puppet/type/rabbitmq_erlang_cookie.rb": "ad082a425169634391888fcd9a2131bb", + "lib/puppet/type/rabbitmq_exchange.rb": "3ed3e62c8f85cc4e41a81cd07915727c", + "lib/puppet/type/rabbitmq_plugin.rb": "6a707d089d0e50a949ecf8fae114eab0", + "lib/puppet/type/rabbitmq_policy.rb": "6e421d709978675d36bd6e1e361be498", + "lib/puppet/type/rabbitmq_queue.rb": "653a5e3eaa69c6d0d29f477c40362c13", + "lib/puppet/type/rabbitmq_user.rb": "4cac856b77ccebff4e9fd63e71ccf611", + "lib/puppet/type/rabbitmq_user_permissions.rb": "2d12cd7d9c8bd2afd2e4a4b24a35b58b", + "lib/puppet/type/rabbitmq_vhost.rb": "ff6fc35bb9c22b1c493b84adf6bb3167", + "log/centos-6-x64-vcloud/2015-05-22_18_55_23/sut.log": "062a9bc8d4ae0dd97e5ee74784a26c9d", + "log/centos-6-x64-vcloud/2015-05-22_18_57_07/sut.log": "4b5085af02e0fba4e6ae0addee258ce1", + "log/debian-7-x64-vcloud/2015-05-22_18_35_45/sut.log": "b6c8b56197861c0e6c3a46fb730f3334", + "log/debian-7-x64-vcloud/2015-05-22_18_49_58/sut.log": "a4d4b5f2278e5cba66026ad9f0156de4", + "log/debian-7-x64-vcloud/2015-05-22_19_10_48/sut.log": "27d3e61d3a9d9da3b87501a49f49aece", + "log/debian-7-x64-vcloud/2015-05-22_19_11_31/sut.log": "ad6cbb9cbd128e0848c5f5bcfe3d494a", + "log/default/2015-05-22_18_35_28/sut.log": "d41d8cd98f00b204e9800998ecf8427e", + "manifests/config.pp": "df0d180fd482f63eb8b26ca2ca83febf", + "manifests/init.pp": "52b0931a4d2083e90e36c331d6450084", + "manifests/install/rabbitmqadmin.pp": "64a81e06996b5ecc147795e64f3c6e7b", + "manifests/install.pp": "0f700b158484bfdacb2ce3ec65b939c9", + "manifests/management.pp": "93c41d238f2734fa7c5944b8f32f6cc4", + "manifests/params.pp": "260d40f1ece0f76e4a86079455e12c87", + "manifests/repo/apt.pp": "a5b1a06ac77526e8764bc754bc0718c4", + "manifests/repo/rhel.pp": "1c4cfcba993e0667b65ec3c5deafbac7", + "manifests/server.pp": "3bc67c2006c1144c50c3fc04394cd800", + "manifests/service.pp": "ec365148eec9e739ca06e24c972cd5de", + "metadata.json": "cfe09daeacab44586c336f6ea55d6aff", + "spec/README.markdown": "32a1fc0121c28aff554ef5d422b8b51e", + "spec/acceptance/class_spec.rb": "26e9ed9f9391692419f110624c091390", + "spec/acceptance/clustering_spec.rb": "1aa359697551e1ddf2a030cac5b8f2f5", + "spec/acceptance/delete_guest_user_spec.rb": "7c5da810cf2a3a124943eb56c46cac83", + "spec/acceptance/nodesets/centos-59-x64.yml": "57eb3e471b9042a8ea40978c467f8151", + "spec/acceptance/nodesets/centos-6-x64-vcloud.yml": "aaa7352c8a5f5244a6f9008112918074", + "spec/acceptance/nodesets/centos-64-x64-pe.yml": "ec075d95760df3d4702abea1ce0a829b", + "spec/acceptance/nodesets/centos-65-x64.yml": "3e5c36e6aa5a690229e720f4048bb8af", + "spec/acceptance/nodesets/debian-7-x64-vcloud.yml": "83c1c189f46fced0a8d5ec27a3e12877", + "spec/acceptance/nodesets/default.yml": "d65958bdf25fb31eb4838fd984b555df", + "spec/acceptance/nodesets/ubuntu-server-10044-x64.yml": "75e86400b7889888dc0781c0ae1a1297", + "spec/acceptance/nodesets/ubuntu-server-12042-x64.yml": "d30d73e34cd50b043c7d14e305955269", + "spec/acceptance/nodesets/ubuntu-server-1404-x64.yml": "5f0aed10098ac5b78e4217bb27c7aaf0", + "spec/acceptance/policy_spec.rb": "28211810baf46a25e0e9dda0097ce2db", + "spec/acceptance/queue_spec.rb": "b7d54bd218982f191b8a909652d65d09", + "spec/acceptance/rabbitmqadmin_spec.rb": "7844ca3109ed35147ee8bcd2c8a045c6", + "spec/acceptance/server_spec.rb": "f88e85559c71afcf5d80b01ffd78877d", + "spec/acceptance/user_spec.rb": "1f560f25a45e249bafdae3964efabaf2", + "spec/acceptance/vhost_spec.rb": "75c867b618eae881b9f13272cffdc777", + "spec/acceptance/zz281_spec.rb": "56051cd811c1f2546bcdce2590860306", + "spec/classes/rabbitmq_spec.rb": "45725cd9e08e33a4ea809a7ec48ee2f8", + "spec/spec.opts": "a600ded995d948e393fbe2320ba8e51c", + "spec/spec_helper.rb": "0db89c9a486df193c0e40095422e19dc", + "spec/spec_helper_acceptance.rb": "9aa45d83b91ef209b17abeace32781bf", + "spec/unit/puppet/provider/rabbitmq_binding/rabbitmqadmin_spec.rb": "f855af3424e3573b37f015f460b3f3f5", + "spec/unit/puppet/provider/rabbitmq_exchange/rabbitmqadmin_spec.rb": "3a909fddbe1019b6bf68d43408c5fa70", + "spec/unit/puppet/provider/rabbitmq_plugin/rabbitmqctl_spec.rb": "430f9d204f9a0135772b90f10fb36c76", + "spec/unit/puppet/provider/rabbitmq_policy/rabbitmqctl_spec.rb": "9b9213cc615b7e164a5b2c754c57f2d0", + "spec/unit/puppet/provider/rabbitmq_queue/rabbitmqadmin_spec.rb": "6f7664ce99673b73114ec17afa20febe", + "spec/unit/puppet/provider/rabbitmq_user/rabbitmqctl_spec.rb": "b6835fdfed6719217325e36667e9b416", + "spec/unit/puppet/provider/rabbitmq_user_permissions/rabbitmqctl_spec.rb": "7a16aee31dbf747d0226ded6ce8a3b45", + "spec/unit/puppet/provider/rabbitmq_vhost/rabbitmqctl_spec.rb": "1f8d85c70d5f288a2ac803c99dc3eb72", + "spec/unit/puppet/type/rabbitmq_binding_spec.rb": "60bde85ca7075b0584bfd57bd86ebfd3", + "spec/unit/puppet/type/rabbitmq_exchange_spec.rb": "797b8a550f0620731efc2280a0f30a53", + "spec/unit/puppet/type/rabbitmq_policy_spec.rb": "387079c6a0235602c4ef18b456c2b282", + "spec/unit/puppet/type/rabbitmq_queue_spec.rb": "568f66963bd4392b91fe347b3e1baa45", + "spec/unit/puppet/type/rabbitmq_user_permissions_spec.rb": "eb5b390edb76be3a2b8899e9b996d6e1", + "spec/unit/puppet/type/rabbitmq_user_spec.rb": "80e042c92f64e3a5f97a83bbbde85d42", + "spec/unit/puppet/type/rabbitmq_vhost_spec.rb": "162e29065eb5ce664842b66bcfa0ac34", + "templates/README.markdown": "aada0a1952329e46b98695349dba6203", + "templates/default.erb": "800642a1015e3eaa37f18100d1d63f41", + "templates/limits.conf": "c5f991430be0bcb7446eb7291cf34bf8", + "templates/rabbitmq-env.conf.erb": "174bf40d6f7fed0cf29604e858cc96c4", + "templates/rabbitmq-server.service.d/limits.conf": "80655f98baca4c7bc673359c5f846690", + "templates/rabbitmq.config.erb": "1d0ed42cd32aa466b4f3c4d3efb252cb", + "templates/rabbitmqadmin.conf.erb": "df2a15c7ee621cced815916cb0c56a5f", + "tests/erlang_deps.pp": "4a2ac78d56802dee3a66e3246633b603", + "tests/full.pp": "fb1e9f59fe63846c60b402202152eeb0", + "tests/permissions/add.pp": "b53b627a4d5521af8cdcfd83d99d3824", + "tests/plugin.pp": "5fc1271d5684dd51fa94b67876179e63", + "tests/repo/apt.pp": "4ea43b4f8dcaf474ec11d796efef66a3", + "tests/server.pp": "56dba93d20d5b716b66df2e0f4f693d6", + "tests/service.pp": "f06296b103daf449f9e7644fd9eee58b", + "tests/site.pp": "653334bf690768a8af42cd13e8e53ef2", + "tests/user/add.pp": "d9f051f1edc91114097b54f818729ea8", + "tests/vhosts/add.pp": "f054d84ac87dc206f586d779fc312fa6" +} \ No newline at end of file diff --git a/3rdparty/modules/rabbitmq/files/README.markdown b/3rdparty/modules/rabbitmq/files/README.markdown new file mode 100644 index 00000000..be52188c --- /dev/null +++ b/3rdparty/modules/rabbitmq/files/README.markdown @@ -0,0 +1,22 @@ +Files +===== + +Puppet comes with both a client and server for copying files around. The file +serving function is provided as part of the central Puppet daemon, +puppetmasterd, and the client function is used through the source attribute of +file objects. Learn more at +http://projects.puppetlabs.com/projects/puppet/wiki/File_Serving_Configuration + +You can use managed files like this: + + class myclass { + package { mypackage: ensure => latest } + service { myservice: ensure => running } + file { "/etc/myfile": + source => "puppet://$servername/modules/mymodule/myfile" + } + } + +The files are searched for in: + + $modulepath/mymodule/files/myfile diff --git a/3rdparty/modules/rabbitmq/files/plugins/amqp_client-2.3.1.ez b/3rdparty/modules/rabbitmq/files/plugins/amqp_client-2.3.1.ez new file mode 100644 index 00000000..6ef6d4ff Binary files /dev/null and b/3rdparty/modules/rabbitmq/files/plugins/amqp_client-2.3.1.ez differ diff --git a/3rdparty/modules/rabbitmq/files/plugins/rabbit_stomp-2.3.1.ez b/3rdparty/modules/rabbitmq/files/plugins/rabbit_stomp-2.3.1.ez new file mode 100644 index 00000000..4a28b72f Binary files /dev/null and b/3rdparty/modules/rabbitmq/files/plugins/rabbit_stomp-2.3.1.ez differ diff --git a/3rdparty/modules/rabbitmq/lib/puppet/provider/rabbitmq_binding/rabbitmqadmin.rb b/3rdparty/modules/rabbitmq/lib/puppet/provider/rabbitmq_binding/rabbitmqadmin.rb new file mode 100644 index 00000000..e02c4668 --- /dev/null +++ b/3rdparty/modules/rabbitmq/lib/puppet/provider/rabbitmq_binding/rabbitmqadmin.rb @@ -0,0 +1,112 @@ +require 'json' +require 'puppet' +Puppet::Type.type(:rabbitmq_binding).provide(:rabbitmqadmin) do + + if Puppet::PUPPETVERSION.to_f < 3 + commands :rabbitmqctl => 'rabbitmqctl' + commands :rabbitmqadmin => '/usr/local/bin/rabbitmqadmin' + else + has_command(:rabbitmqctl, 'rabbitmqctl') do + environment :HOME => "/tmp" + end + has_command(:rabbitmqadmin, '/usr/local/bin/rabbitmqadmin') do + environment :HOME => "/tmp" + end + end + defaultfor :feature => :posix + + def should_vhost + if @should_vhost + @should_vhost + else + @should_vhost = resource[:name].split('@').last + end + end + + def self.all_vhosts + vhosts = [] + rabbitmqctl('list_vhosts', '-q').split(/\n/).collect do |vhost| + vhosts.push(vhost) + end + vhosts + end + + def self.all_bindings(vhost) + rabbitmqctl('list_bindings', '-q', '-p', vhost, 'source_name', 'destination_name', 'destination_kind', 'routing_key', 'arguments').split(/\n/) + end + + def self.instances + resources = [] + all_vhosts.each do |vhost| + all_bindings(vhost).collect do |line| + source_name, destination_name, destination_type, routing_key, arguments = line.split(/\t/) + # Convert output of arguments from the rabbitmqctl command to a json string. + if !arguments.nil? + arguments = arguments.gsub(/^\[(.*)\]$/, "").gsub(/\{("(?:.|\\")*?"),/, '{\1:').gsub(/\},\{/, ",") + if arguments == "" + arguments = '{}' + end + else + arguments = '{}' + end + if (source_name != '') + binding = { + :destination_type => destination_type, + :routing_key => routing_key, + :arguments => JSON.parse(arguments), + :ensure => :present, + :name => "%s@%s@%s" % [source_name, destination_name, vhost], + } + resources << new(binding) if binding[:name] + end + end + end + resources + end + + def self.prefetch(resources) + packages = instances + resources.keys.each do |name| + if provider = packages.find{ |pkg| pkg.name == name } + resources[name].provider = provider + end + end + end + + def exists? + @property_hash[:ensure] == :present + end + + def create + vhost_opt = should_vhost ? "--vhost=#{should_vhost}" : '' + name = resource[:name].split('@').first + destination = resource[:name].split('@')[1] + arguments = resource[:arguments] + if arguments.nil? + arguments = {} + end + rabbitmqadmin('declare', + 'binding', + vhost_opt, + "--user=#{resource[:user]}", + "--password=#{resource[:password]}", + '-c', + '/etc/rabbitmq/rabbitmqadmin.conf', + "source=#{name}", + "destination=#{destination}", + "arguments=#{arguments.to_json}", + "routing_key=#{resource[:routing_key]}", + "destination_type=#{resource[:destination_type]}" + ) + @property_hash[:ensure] = :present + end + + def destroy + vhost_opt = should_vhost ? "--vhost=#{should_vhost}" : '' + name = resource[:name].split('@').first + destination = resource[:name].split('@')[1] + rabbitmqadmin('delete', 'binding', vhost_opt, "--user=#{resource[:user]}", "--password=#{resource[:password]}", '-c', '/etc/rabbitmq/rabbitmqadmin.conf', "source=#{name}", "destination_type=#{resource[:destination_type]}", "destination=#{destination}", "properties_key=#{resource[:routing_key]}") + @property_hash[:ensure] = :absent + end + +end diff --git a/3rdparty/modules/rabbitmq/lib/puppet/provider/rabbitmq_erlang_cookie/ruby.rb b/3rdparty/modules/rabbitmq/lib/puppet/provider/rabbitmq_erlang_cookie/ruby.rb new file mode 100644 index 00000000..58c8b3c9 --- /dev/null +++ b/3rdparty/modules/rabbitmq/lib/puppet/provider/rabbitmq_erlang_cookie/ruby.rb @@ -0,0 +1,38 @@ +require 'puppet' +require 'set' +Puppet::Type.type(:rabbitmq_erlang_cookie).provide(:ruby) do + + defaultfor :feature => :posix + has_command(:puppet, 'puppet') do + environment :PATH => '/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin' + end + + def exists? + # Hack to prevent the create method from being called. + # We never need to create or destroy this resource, only change its value + true + end + + def content=(value) + if resource[:force] == :true # Danger! + puppet('resource', 'service', resource[:service_name], 'ensure=stopped') + FileUtils.rm_rf(resource[:rabbitmq_home] + File::PATH_SEPARATOR + 'mnesia') + File.open(resource[:path], 'w') do |cookie| + cookie.chmod(0400) + cookie.write(value) + end + FileUtils.chown(resource[:rabbitmq_user], resource[:rabbitmq_group], resource[:path]) + else + fail("The current erlang cookie needs to change. In order to do this the RabbitMQ database needs to be wiped. Please set force => true to allow this to happen automatically.") + end + end + + def content + if File.exists?(resource[:path]) + File.read(resource[:path]) + else + '' + end + end + +end diff --git a/3rdparty/modules/rabbitmq/lib/puppet/provider/rabbitmq_exchange/rabbitmqadmin.rb b/3rdparty/modules/rabbitmq/lib/puppet/provider/rabbitmq_exchange/rabbitmqadmin.rb new file mode 100644 index 00000000..c1cff095 --- /dev/null +++ b/3rdparty/modules/rabbitmq/lib/puppet/provider/rabbitmq_exchange/rabbitmqadmin.rb @@ -0,0 +1,112 @@ +require 'puppet' +require File.expand_path(File.join(File.dirname(__FILE__), '..', 'rabbitmqctl')) +Puppet::Type.type(:rabbitmq_exchange).provide(:rabbitmqadmin, :parent => Puppet::Provider::Rabbitmqctl) do + + if Puppet::PUPPETVERSION.to_f < 3 + commands :rabbitmqctl => 'rabbitmqctl' + commands :rabbitmqadmin => '/usr/local/bin/rabbitmqadmin' + else + has_command(:rabbitmqctl, 'rabbitmqctl') do + environment :HOME => "/tmp" + end + has_command(:rabbitmqadmin, '/usr/local/bin/rabbitmqadmin') do + environment :HOME => "/tmp" + end + end + defaultfor :feature => :posix + + def should_vhost + if @should_vhost + @should_vhost + else + @should_vhost = resource[:name].split('@')[1] + end + end + + def self.all_vhosts + vhosts = [] + self.run_with_retries { + rabbitmqctl('-q', 'list_vhosts') + }.split(/\n/).each do |vhost| + vhosts.push(vhost) + end + vhosts + end + + def self.all_exchanges(vhost) + exchanges = [] + self.run_with_retries { + rabbitmqctl('-q', 'list_exchanges', '-p', vhost, 'name', 'type', 'internal', 'durable', 'auto_delete', 'arguments') + }.split(/\n/).each do |exchange| + exchanges.push(exchange) + end + exchanges + end + + def self.instances + resources = [] + all_vhosts.each do |vhost| + all_exchanges(vhost).each do |line| + name, type, internal, durable, auto_delete, arguments = line.split() + if type.nil? + # if name is empty, it will wrongly get the type's value. + # This way type will get the correct value + type = name + name = '' + end + # Convert output of arguments from the rabbitmqctl command to a json string. + if !arguments.nil? + arguments = arguments.gsub(/^\[(.*)\]$/, "").gsub(/\{("(?:.|\\")*?"),/, '{\1:').gsub(/\},\{/, ",") + if arguments == "" + arguments = '{}' + end + else + arguments = '{}' + end + exchange = { + :type => type, + :ensure => :present, + :internal => internal, + :durable => durable, + :auto_delete => auto_delete, + :name => "%s@%s" % [name, vhost], + :arguments => JSON.parse(arguments), + } + resources << new(exchange) if exchange[:type] + end + end + resources + end + + def self.prefetch(resources) + packages = instances + resources.keys.each do |name| + if provider = packages.find{ |pkg| pkg.name == name } + resources[name].provider = provider + end + end + end + + def exists? + @property_hash[:ensure] == :present + end + + def create + vhost_opt = should_vhost ? "--vhost=#{should_vhost}" : '' + name = resource[:name].split('@')[0] + arguments = resource[:arguments] + if arguments.nil? + arguments = {} + end + rabbitmqadmin('declare', 'exchange', vhost_opt, "--user=#{resource[:user]}", "--password=#{resource[:password]}", "name=#{name}", "type=#{resource[:type]}", "internal=#{resource[:internal]}", "durable=#{resource[:durable]}", "auto_delete=#{resource[:auto_delete]}", "arguments=#{arguments.to_json}", '-c', '/etc/rabbitmq/rabbitmqadmin.conf') + @property_hash[:ensure] = :present + end + + def destroy + vhost_opt = should_vhost ? "--vhost=#{should_vhost}" : '' + name = resource[:name].split('@')[0] + rabbitmqadmin('delete', 'exchange', vhost_opt, "--user=#{resource[:user]}", "--password=#{resource[:password]}", "name=#{name}", '-c', '/etc/rabbitmq/rabbitmqadmin.conf') + @property_hash[:ensure] = :absent + end + +end diff --git a/3rdparty/modules/rabbitmq/lib/puppet/provider/rabbitmq_plugin/rabbitmqplugins.rb b/3rdparty/modules/rabbitmq/lib/puppet/provider/rabbitmq_plugin/rabbitmqplugins.rb new file mode 100644 index 00000000..7ab5420c --- /dev/null +++ b/3rdparty/modules/rabbitmq/lib/puppet/provider/rabbitmq_plugin/rabbitmqplugins.rb @@ -0,0 +1,52 @@ +require File.expand_path(File.join(File.dirname(__FILE__), '..', 'rabbitmqctl')) +Puppet::Type.type(:rabbitmq_plugin).provide(:rabbitmqplugins, :parent => Puppet::Provider::Rabbitmqctl) do + + if Puppet::PUPPETVERSION.to_f < 3 + if Facter.value(:osfamily) == 'RedHat' + commands :rabbitmqplugins => '/usr/lib/rabbitmq/bin/rabbitmq-plugins' + else + commands :rabbitmqplugins => 'rabbitmq-plugins' + end + else + if Facter.value(:osfamily) == 'RedHat' + has_command(:rabbitmqplugins, '/usr/lib/rabbitmq/bin/rabbitmq-plugins') do + environment :HOME => "/tmp" + end + else + has_command(:rabbitmqplugins, 'rabbitmq-plugins') do + environment :HOME => "/tmp" + end + end + end + + defaultfor :feature => :posix + + def self.instances + self.run_with_retries { + rabbitmqplugins('list', '-E', '-m') + }.split(/\n/).map do |line| + if line =~ /^(\S+)$/ + new(:name => $1) + else + raise Puppet::Error, "Cannot parse invalid plugins line: #{line}" + end + end + end + + def create + rabbitmqplugins('enable', resource[:name]) + end + + def destroy + rabbitmqplugins('disable', resource[:name]) + end + + def exists? + self.class.run_with_retries { + rabbitmqplugins('list', '-E', '-m') + }.split(/\n/).detect do |line| + line.match(/^#{resource[:name]}$/) + end + end + +end diff --git a/3rdparty/modules/rabbitmq/lib/puppet/provider/rabbitmq_policy/rabbitmqctl.rb b/3rdparty/modules/rabbitmq/lib/puppet/provider/rabbitmq_policy/rabbitmqctl.rb new file mode 100644 index 00000000..7e732958 --- /dev/null +++ b/3rdparty/modules/rabbitmq/lib/puppet/provider/rabbitmq_policy/rabbitmqctl.rb @@ -0,0 +1,119 @@ +require 'json' +require 'puppet/util/package' + +require File.expand_path(File.join(File.dirname(__FILE__), '..', 'rabbitmqctl')) +Puppet::Type.type(:rabbitmq_policy).provide(:rabbitmqctl, :parent => Puppet::Provider::Rabbitmqctl) do + + defaultfor :feature => :posix + + # cache policies + def self.policies(name, vhost) + @policies = {} unless @policies + unless @policies[vhost] + @policies[vhost] = {} + self.run_with_retries { + rabbitmqctl('list_policies', '-q', '-p', vhost) + }.split(/\n/).each do |line| + # rabbitmq<3.2 does not support the applyto field + # 1 2 3? 4 5 6 + # / ha-all all .* {"ha-mode":"all","ha-sync-mode":"automatic"} 0 + if line =~ /^(\S+)\s+(\S+)\s+(all|exchanges|queues)?\s*(\S+)\s+(\S+)\s+(\d+)$/ + applyto = $3 || 'all' + @policies[vhost][$2] = { + :applyto => applyto, + :pattern => $4, + :definition => JSON.parse($5), + :priority => $6} + else + raise Puppet::Error, "cannot parse line from list_policies:#{line}" + end + end + end + @policies[vhost][name] + end + + def policies(name, vhost) + self.class.policies(vhost, name) + end + + def should_policy + @should_policy ||= resource[:name].rpartition('@').first + end + + def should_vhost + @should_vhost ||= resource[:name].rpartition('@').last + end + + def create + set_policy + end + + def destroy + rabbitmqctl('clear_policy', '-p', should_vhost, should_policy) + end + + def exists? + policies(should_vhost, should_policy) + end + + def pattern + policies(should_vhost, should_policy)[:pattern] + end + + def pattern=(pattern) + set_policy + end + + def applyto + policies(should_vhost, should_policy)[:applyto] + end + + def applyto=(applyto) + set_policy + end + + def definition + policies(should_vhost, should_policy)[:definition] + end + + def definition=(definition) + set_policy + end + + def priority + policies(should_vhost, should_policy)[:priority] + end + + def priority=(priority) + set_policy + end + + def set_policy + unless @set_policy + @set_policy = true + resource[:applyto] ||= applyto + resource[:definition] ||= definition + resource[:pattern] ||= pattern + resource[:priority] ||= priority + # rabbitmq>=3.2.0 + if Puppet::Util::Package.versioncmp(self.class.rabbitmq_version, '3.2.0') >= 0 + rabbitmqctl('set_policy', + '-p', should_vhost, + '--priority', resource[:priority], + '--apply-to', resource[:applyto].to_s, + should_policy, + resource[:pattern], + resource[:definition].to_json + ) + else + rabbitmqctl('set_policy', + '-p', should_vhost, + should_policy, + resource[:pattern], + resource[:definition].to_json, + resource[:priority] + ) + end + end + end +end diff --git a/3rdparty/modules/rabbitmq/lib/puppet/provider/rabbitmq_queue/rabbitmqadmin.rb b/3rdparty/modules/rabbitmq/lib/puppet/provider/rabbitmq_queue/rabbitmqadmin.rb new file mode 100644 index 00000000..eeffa953 --- /dev/null +++ b/3rdparty/modules/rabbitmq/lib/puppet/provider/rabbitmq_queue/rabbitmqadmin.rb @@ -0,0 +1,107 @@ +require 'json' +require 'puppet' +Puppet::Type.type(:rabbitmq_queue).provide(:rabbitmqadmin) do + + if Puppet::PUPPETVERSION.to_f < 3 + commands :rabbitmqctl => 'rabbitmqctl' + commands :rabbitmqadmin => '/usr/local/bin/rabbitmqadmin' + else + has_command(:rabbitmqctl, 'rabbitmqctl') do + environment :HOME => "/tmp" + end + has_command(:rabbitmqadmin, '/usr/local/bin/rabbitmqadmin') do + environment :HOME => "/tmp" + end + end + defaultfor :feature => :posix + + def should_vhost + if @should_vhost + @should_vhost + else + @should_vhost = resource[:name].rpartition('@').last + end + end + + def self.all_vhosts + vhosts = [] + rabbitmqctl('list_vhosts', '-q').split(/\n/).collect do |vhost| + vhosts.push(vhost) + end + vhosts + end + + def self.all_queues(vhost) + rabbitmqctl('list_queues', '-q', '-p', vhost, 'name', 'durable', 'auto_delete', 'arguments').split(/\n/) + end + + def self.instances + resources = [] + all_vhosts.each do |vhost| + all_queues(vhost).collect do |line| + name, durable, auto_delete, arguments = line.split() + # Convert output of arguments from the rabbitmqctl command to a json string. + if !arguments.nil? + arguments = arguments.gsub(/^\[(.*)\]$/, "").gsub(/\{("(?:.|\\")*?"),/, '{\1:').gsub(/\},\{/, ",") + if arguments == "" + arguments = '{}' + end + else + arguments = '{}' + end + queue = { + :durable => durable, + :auto_delete => auto_delete, + :arguments => JSON.parse(arguments), + :ensure => :present, + :name => "%s@%s" % [name, vhost], + } + resources << new(queue) if queue[:name] + end + end + resources + end + + def self.prefetch(resources) + packages = instances + resources.keys.each do |name| + if provider = packages.find{ |pkg| pkg.name == name } + resources[name].provider = provider + end + end + end + + def exists? + @property_hash[:ensure] == :present + end + + def create + vhost_opt = should_vhost ? "--vhost=#{should_vhost}" : '' + name = resource[:name].rpartition('@').first + arguments = resource[:arguments] + if arguments.nil? + arguments = {} + end + rabbitmqadmin('declare', + 'queue', + vhost_opt, + "--user=#{resource[:user]}", + "--password=#{resource[:password]}", + '-c', + '/etc/rabbitmq/rabbitmqadmin.conf', + "name=#{name}", + "durable=#{resource[:durable]}", + "auto_delete=#{resource[:auto_delete]}", + "arguments=#{arguments.to_json}" + ) + @property_hash[:ensure] = :present + end + + def destroy + vhost_opt = should_vhost ? "--vhost=#{should_vhost}" : '' + name = resource[:name].rpartition('@').first + rabbitmqadmin('delete', 'queue', vhost_opt, "--user=#{resource[:user]}", "--password=#{resource[:password]}", '-c', '/etc/rabbitmq/rabbitmqadmin.conf', "name=#{name}") + @property_hash[:ensure] = :absent + end + +end diff --git a/3rdparty/modules/rabbitmq/lib/puppet/provider/rabbitmq_user/rabbitmqctl.rb b/3rdparty/modules/rabbitmq/lib/puppet/provider/rabbitmq_user/rabbitmqctl.rb new file mode 100644 index 00000000..da37886c --- /dev/null +++ b/3rdparty/modules/rabbitmq/lib/puppet/provider/rabbitmq_user/rabbitmqctl.rb @@ -0,0 +1,126 @@ +require 'puppet' +require 'set' +require File.expand_path(File.join(File.dirname(__FILE__), '..', 'rabbitmqctl')) +Puppet::Type.type(:rabbitmq_user).provide(:rabbitmqctl, :parent => Puppet::Provider::Rabbitmqctl) do + + if Puppet::PUPPETVERSION.to_f < 3 + commands :rabbitmqctl => 'rabbitmqctl' + else + has_command(:rabbitmqctl, 'rabbitmqctl') do + environment :HOME => "/tmp" + end + end + + defaultfor :feature => :posix + + def self.instances + self.run_with_retries { + rabbitmqctl('-q', 'list_users') + }.split(/\n/).collect do |line| + if line =~ /^(\S+)(\s+\[.*?\]|)$/ + new(:name => $1) + else + raise Puppet::Error, "Cannot parse invalid user line: #{line}" + end + end + end + + def create + rabbitmqctl('add_user', resource[:name], resource[:password]) + if resource[:admin] == :true + make_user_admin() + end + if ! resource[:tags].empty? + set_user_tags(resource[:tags]) + end + end + + def change_password + rabbitmqctl('change_password', resource[:name], resource[:password]) + end + + def password + nil + end + + + def check_password + response = rabbitmqctl('eval', 'rabbit_access_control:check_user_pass_login(list_to_binary("' + resource[:name] + '"), list_to_binary("' + resource[:password] +'")).') + if response.include? 'refused' + false + else + true + end + end + + def destroy + rabbitmqctl('delete_user', resource[:name]) + end + + def exists? + self.class.run_with_retries { + rabbitmqctl('-q', 'list_users') + }.split(/\n/).detect do |line| + line.match(/^#{Regexp.escape(resource[:name])}(\s+(\[.*?\]|\S+)|)$/) + end + end + + + def tags + tags = get_user_tags + # do not expose the administrator tag for admins + if resource[:admin] == :true + tags.delete('administrator') + end + tags.entries.sort + end + + + def tags=(tags) + if ! tags.nil? + set_user_tags(tags) + end + end + + def admin + if usertags = get_user_tags + (:true if usertags.include?('administrator')) || :false + else + raise Puppet::Error, "Could not match line '#{resource[:name]} (true|false)' from list_users (perhaps you are running on an older version of rabbitmq that does not support admin users?)" + end + end + + def admin=(state) + if state == :true + make_user_admin() + else + usertags = get_user_tags + usertags.delete('administrator') + rabbitmqctl('set_user_tags', resource[:name], usertags.entries.sort) + end + end + + def set_user_tags(tags) + is_admin = get_user_tags().member?("administrator") \ + || resource[:admin] == :true + usertags = Set.new(tags) + if is_admin + usertags.add("administrator") + end + rabbitmqctl('set_user_tags', resource[:name], usertags.entries.sort) + end + + def make_user_admin + usertags = get_user_tags + usertags.add('administrator') + rabbitmqctl('set_user_tags', resource[:name], usertags.entries.sort) + end + + private + def get_user_tags + match = rabbitmqctl('-q', 'list_users').split(/\n/).collect do |line| + line.match(/^#{Regexp.escape(resource[:name])}\s+\[(.*?)\]/) + end.compact.first + Set.new(match[1].split(' ').map{|x| x.gsub(/,$/, '')}) if match + end +end diff --git a/3rdparty/modules/rabbitmq/lib/puppet/provider/rabbitmq_user_permissions/rabbitmqctl.rb b/3rdparty/modules/rabbitmq/lib/puppet/provider/rabbitmq_user_permissions/rabbitmqctl.rb new file mode 100644 index 00000000..a0b8b5a1 --- /dev/null +++ b/3rdparty/modules/rabbitmq/lib/puppet/provider/rabbitmq_user_permissions/rabbitmqctl.rb @@ -0,0 +1,114 @@ +require File.expand_path(File.join(File.dirname(__FILE__), '..', 'rabbitmqctl')) +Puppet::Type.type(:rabbitmq_user_permissions).provide(:rabbitmqctl, :parent => Puppet::Provider::Rabbitmqctl) do + + if Puppet::PUPPETVERSION.to_f < 3 + commands :rabbitmqctl => 'rabbitmqctl' + else + has_command(:rabbitmqctl, 'rabbitmqctl') do + environment :HOME => "/tmp" + end + end + + defaultfor :feature=> :posix + + # cache users permissions + def self.users(name, vhost) + @users = {} unless @users + unless @users[name] + @users[name] = {} + self.run_with_retries { + rabbitmqctl('-q', 'list_user_permissions', name) + }.split(/\n/).each do |line| + line = self::strip_backslashes(line) + if line =~ /^(\S+)\s+(\S*)\s+(\S*)\s+(\S*)$/ + @users[name][$1] = + {:configure => $2, :read => $4, :write => $3} + else + raise Puppet::Error, "cannot parse line from list_user_permissions:#{line}" + end + end + end + @users[name][vhost] + end + + def users(name, vhost) + self.class.users(name, vhost) + end + + def should_user + if @should_user + @should_user + else + @should_user = resource[:name].split('@')[0] + end + end + + def should_vhost + if @should_vhost + @should_vhost + else + @should_vhost = resource[:name].split('@')[1] + end + end + + def create + resource[:configure_permission] ||= "''" + resource[:read_permission] ||= "''" + resource[:write_permission] ||= "''" + rabbitmqctl('set_permissions', '-p', should_vhost, should_user, resource[:configure_permission], resource[:write_permission], resource[:read_permission]) + end + + def destroy + rabbitmqctl('clear_permissions', '-p', should_vhost, should_user) + end + + # I am implementing prefetching in exists b/c I need to be sure + # that the rabbitmq package is installed before I make this call. + def exists? + users(should_user, should_vhost) + end + + def configure_permission + users(should_user, should_vhost)[:configure] + end + + def configure_permission=(perm) + set_permissions + end + + def read_permission + users(should_user, should_vhost)[:read] + end + + def read_permission=(perm) + set_permissions + end + + def write_permission + users(should_user, should_vhost)[:write] + end + + def write_permission=(perm) + set_permissions + end + + # implement memoization so that we only call set_permissions once + def set_permissions + unless @permissions_set + @permissions_set = true + resource[:configure_permission] ||= configure_permission + resource[:read_permission] ||= read_permission + resource[:write_permission] ||= write_permission + rabbitmqctl('set_permissions', '-p', should_vhost, should_user, + resource[:configure_permission], resource[:write_permission], + resource[:read_permission] + ) + end + end + + def self.strip_backslashes(string) + # See: https://github.com/rabbitmq/rabbitmq-server/blob/v1_7/docs/rabbitmqctl.1.pod#output-escaping + string.gsub(/\\\\/, '\\') + end + +end diff --git a/3rdparty/modules/rabbitmq/lib/puppet/provider/rabbitmq_vhost/rabbitmqctl.rb b/3rdparty/modules/rabbitmq/lib/puppet/provider/rabbitmq_vhost/rabbitmqctl.rb new file mode 100644 index 00000000..fbd389d8 --- /dev/null +++ b/3rdparty/modules/rabbitmq/lib/puppet/provider/rabbitmq_vhost/rabbitmqctl.rb @@ -0,0 +1,40 @@ +require File.expand_path(File.join(File.dirname(__FILE__), '..', 'rabbitmqctl')) +Puppet::Type.type(:rabbitmq_vhost).provide(:rabbitmqctl, :parent => Puppet::Provider::Rabbitmqctl) do + + if Puppet::PUPPETVERSION.to_f < 3 + commands :rabbitmqctl => 'rabbitmqctl' + else + has_command(:rabbitmqctl, 'rabbitmqctl') do + environment :HOME => "/tmp" + end + end + + def self.instances + self.run_with_retries { + rabbitmqctl('-q', 'list_vhosts') + }.split(/\n/).map do |line| + if line =~ /^(\S+)$/ + new(:name => $1) + else + raise Puppet::Error, "Cannot parse invalid user line: #{line}" + end + end + end + + def create + rabbitmqctl('add_vhost', resource[:name]) + end + + def destroy + rabbitmqctl('delete_vhost', resource[:name]) + end + + def exists? + out = self.class.run_with_retries { + rabbitmqctl('-q', 'list_vhosts') + }.split(/\n/).detect do |line| + line.match(/^#{Regexp.escape(resource[:name])}$/) + end + end + +end diff --git a/3rdparty/modules/rabbitmq/lib/puppet/provider/rabbitmqctl.rb b/3rdparty/modules/rabbitmq/lib/puppet/provider/rabbitmqctl.rb new file mode 100644 index 00000000..d2366456 --- /dev/null +++ b/3rdparty/modules/rabbitmq/lib/puppet/provider/rabbitmqctl.rb @@ -0,0 +1,33 @@ +class Puppet::Provider::Rabbitmqctl < Puppet::Provider + initvars + commands :rabbitmqctl => 'rabbitmqctl' + + def self.rabbitmq_version + output = rabbitmqctl('-q', 'status') + version = output.match(/\{rabbit,"RabbitMQ","([\d\.]+)"\}/) + version[1] if version + end + + # Retry the given code block 'count' retries or until the + # command suceeeds. Use 'step' delay between retries. + # Limit each query time by 'timeout'. + # For example: + # users = self.class.run_with_retries { rabbitmqctl 'list_users' } + def self.run_with_retries(count=30, step=6, timeout=10) + count.times do |n| + begin + output = Timeout::timeout(timeout) do + yield + end + rescue Puppet::ExecutionFailure, Timeout + Puppet.debug 'Command failed, retrying' + sleep step + else + Puppet.debug 'Command succeeded' + return output + end + end + raise Puppet::Error, "Command is still failing after #{count * step} seconds expired!" + end + +end diff --git a/3rdparty/modules/rabbitmq/lib/puppet/type/rabbitmq_binding.rb b/3rdparty/modules/rabbitmq/lib/puppet/type/rabbitmq_binding.rb new file mode 100644 index 00000000..13094800 --- /dev/null +++ b/3rdparty/modules/rabbitmq/lib/puppet/type/rabbitmq_binding.rb @@ -0,0 +1,96 @@ +Puppet::Type.newtype(:rabbitmq_binding) do + desc 'Native type for managing rabbitmq bindings' + + ensurable do + defaultto(:present) + newvalue(:present) do + provider.create + end + newvalue(:absent) do + provider.destroy + end + end + + newparam(:name, :namevar => true) do + desc 'source and destination of bind' + newvalues(/^\S*@\S+@\S+$/) + end + + newparam(:destination_type) do + desc 'binding destination_type' + newvalues(/queue|exchange/) + defaultto('queue') + end + + newparam(:routing_key) do + desc 'binding routing_key' + newvalues(/^\S*$/) + end + + newparam(:arguments) do + desc 'binding arguments' + defaultto {} + validate do |value| + resource.validate_argument(value) + end + end + + newparam(:user) do + desc 'The user to use to connect to rabbitmq' + defaultto('guest') + newvalues(/^\S+$/) + end + + newparam(:password) do + desc 'The password to use to connect to rabbitmq' + defaultto('guest') + newvalues(/\S+/) + end + + autorequire(:rabbitmq_vhost) do + [self[:name].split('@')[2]] + end + + autorequire(:rabbitmq_exchange) do + setup_autorequire('exchange') + end + + autorequire(:rabbitmq_queue) do + setup_autorequire('queue') + end + + autorequire(:rabbitmq_user) do + [self[:user]] + end + + autorequire(:rabbitmq_user_permissions) do + [ + "#{self[:user]}@#{self[:name].split('@')[1]}", + "#{self[:user]}@#{self[:name].split('@')[0]}" + ] + end + + def setup_autorequire(type) + destination_type = value(:destination_type) + if type == 'exchange' + rval = ["#{self[:name].split('@')[0]}@#{self[:name].split('@')[2]}"] + if destination_type == type + rval.push("#{self[:name].split('@')[1]}@#{self[:name].split('@')[2]}") + end + else + if destination_type == type + rval = ["#{self[:name].split('@')[1]}@#{self[:name].split('@')[2]}"] + else + rval = [] + end + end + rval + end + + def validate_argument(argument) + unless [Hash].include?(argument.class) + raise ArgumentError, "Invalid argument" + end + end + +end diff --git a/3rdparty/modules/rabbitmq/lib/puppet/type/rabbitmq_erlang_cookie.rb b/3rdparty/modules/rabbitmq/lib/puppet/type/rabbitmq_erlang_cookie.rb new file mode 100644 index 00000000..c2e5898d --- /dev/null +++ b/3rdparty/modules/rabbitmq/lib/puppet/type/rabbitmq_erlang_cookie.rb @@ -0,0 +1,34 @@ +Puppet::Type.newtype(:rabbitmq_erlang_cookie) do + desc 'Type to manage the rabbitmq erlang cookie securely' + + newparam(:path, :namevar => true) + + newproperty(:content) do + desc 'Content of cookie' + newvalues(/^\S+$/) + def change_to_s(current, desired) + "The rabbitmq erlang cookie was changed" + end + end + + newparam(:force) do + defaultto(:false) + newvalues(:true, :false) + end + + newparam(:rabbitmq_user) do + defaultto('rabbitmq') + end + + newparam(:rabbitmq_group) do + defaultto('rabbitmq') + end + + newparam(:rabbitmq_home) do + defaultto('/var/lib/rabbitmq') + end + + newparam(:service_name) do + newvalues(/^\S+$/) + end +end diff --git a/3rdparty/modules/rabbitmq/lib/puppet/type/rabbitmq_exchange.rb b/3rdparty/modules/rabbitmq/lib/puppet/type/rabbitmq_exchange.rb new file mode 100644 index 00000000..b2e88a8d --- /dev/null +++ b/3rdparty/modules/rabbitmq/lib/puppet/type/rabbitmq_exchange.rb @@ -0,0 +1,74 @@ +Puppet::Type.newtype(:rabbitmq_exchange) do + desc 'Native type for managing rabbitmq exchanges' + + ensurable do + defaultto(:present) + newvalue(:present) do + provider.create + end + newvalue(:absent) do + provider.destroy + end + end + + newparam(:name, :namevar => true) do + desc 'Name of exchange' + newvalues(/^\S*@\S+$/) + end + + newparam(:type) do + desc 'Exchange type to be set *on creation*' + newvalues(/^\S+$/) + end + + newparam(:durable) do + desc 'Exchange durability to be set *on creation*' + newvalues(/^\S+$/) + end + + newparam(:auto_delete) do + desc 'Exchange auto delete option to be set *on creation*' + newvalues(/^\S+$/) + end + + newparam(:internal) do + desc 'Exchange internal option to be set *on creation*' + newvalues(/^\S+$/) + end + + newparam(:arguments) do + desc 'Exchange arguments example: {"hash-header": "message-distribution-hash"}' + defaultto {} + end + + newparam(:user) do + desc 'The user to use to connect to rabbitmq' + defaultto('guest') + newvalues(/^\S+$/) + end + + newparam(:password) do + desc 'The password to use to connect to rabbitmq' + defaultto('guest') + newvalues(/\S+/) + end + + validate do + if self[:ensure] == :present and self[:type].nil? + raise ArgumentError, "must set type when creating exchange for #{self[:name]} whose type is #{self[:type]}" + end + end + + autorequire(:rabbitmq_vhost) do + [self[:name].split('@')[1]] + end + + autorequire(:rabbitmq_user) do + [self[:user]] + end + + autorequire(:rabbitmq_user_permissions) do + ["#{self[:user]}@#{self[:name].split('@')[1]}"] + end + +end diff --git a/3rdparty/modules/rabbitmq/lib/puppet/type/rabbitmq_plugin.rb b/3rdparty/modules/rabbitmq/lib/puppet/type/rabbitmq_plugin.rb new file mode 100644 index 00000000..497ced4e --- /dev/null +++ b/3rdparty/modules/rabbitmq/lib/puppet/type/rabbitmq_plugin.rb @@ -0,0 +1,19 @@ +Puppet::Type.newtype(:rabbitmq_plugin) do + desc 'manages rabbitmq plugins' + + ensurable do + defaultto(:present) + newvalue(:present) do + provider.create + end + newvalue(:absent) do + provider.destroy + end + end + + newparam(:name, :namevar => true) do + 'name of the plugin to enable' + newvalues(/^\S+$/) + end + +end diff --git a/3rdparty/modules/rabbitmq/lib/puppet/type/rabbitmq_policy.rb b/3rdparty/modules/rabbitmq/lib/puppet/type/rabbitmq_policy.rb new file mode 100644 index 00000000..259a1d66 --- /dev/null +++ b/3rdparty/modules/rabbitmq/lib/puppet/type/rabbitmq_policy.rb @@ -0,0 +1,101 @@ +Puppet::Type.newtype(:rabbitmq_policy) do + desc 'Type for managing rabbitmq policies' + + ensurable do + defaultto(:present) + newvalue(:present) do + provider.create + end + newvalue(:absent) do + provider.destroy + end + end + + autorequire(:service) { 'rabbitmq-server' } + + validate do + fail('pattern parameter is required.') if self[:ensure] == :present and self[:pattern].nil? + fail('definition parameter is required.') if self[:ensure] == :present and self[:definition].nil? + end + + newparam(:name, :namevar => true) do + desc 'combination of policy@vhost to create policy for' + newvalues(/^\S+@\S+$/) + end + + newproperty(:pattern) do + desc 'policy pattern' + validate do |value| + resource.validate_pattern(value) + end + end + + newproperty(:applyto) do + desc 'policy apply to' + newvalue(:all) + newvalue(:exchanges) + newvalue(:queues) + defaultto :all + end + + newproperty(:definition) do + desc 'policy definition' + validate do |value| + resource.validate_definition(value) + end + munge do |value| + resource.munge_definition(value) + end + end + + newproperty(:priority) do + desc 'policy priority' + newvalues(/^\d+$/) + defaultto 0 + end + + autorequire(:rabbitmq_vhost) do + [self[:name].split('@')[1]] + end + + def validate_pattern(value) + begin + Regexp.new(value) + rescue RegexpError + raise ArgumentError, "Invalid regexp #{value}" + end + end + + def validate_definition(definition) + unless [Hash].include?(definition.class) + raise ArgumentError, "Invalid definition" + end + definition.each do |k,v| + unless [String].include?(v.class) + raise ArgumentError, "Invalid definition" + end + end + if definition['ha-mode'] == 'exactly' + ha_params = definition['ha-params'] + unless ha_params.to_i.to_s == ha_params + raise ArgumentError, "Invalid ha-params '#{ha_params}' for ha-mode 'exactly'" + end + end + if definition.key? 'expires' + expires_val = definition['expires'] + unless expires_val.to_i.to_s == expires_val + raise ArgumentError, "Invalid expires value '#{expires_val}'" + end + end + end + + def munge_definition(definition) + if definition['ha-mode'] == 'exactly' + definition['ha-params'] = definition['ha-params'].to_i + end + if definition.key? 'expires' + definition['expires'] = definition['expires'].to_i + end + definition + end +end diff --git a/3rdparty/modules/rabbitmq/lib/puppet/type/rabbitmq_queue.rb b/3rdparty/modules/rabbitmq/lib/puppet/type/rabbitmq_queue.rb new file mode 100644 index 00000000..464a2ca6 --- /dev/null +++ b/3rdparty/modules/rabbitmq/lib/puppet/type/rabbitmq_queue.rb @@ -0,0 +1,68 @@ +Puppet::Type.newtype(:rabbitmq_queue) do + desc 'Native type for managing rabbitmq queue' + + ensurable do + defaultto(:present) + newvalue(:present) do + provider.create + end + newvalue(:absent) do + provider.destroy + end + end + + newparam(:name, :namevar => true) do + desc 'Name of queue' + newvalues(/^\S*@\S+$/) + end + + newparam(:durable) do + desc 'Queue is durable' + newvalues(/true|false/) + defaultto('true') + end + + newparam(:auto_delete) do + desc 'Queue will be auto deleted' + newvalues(/true|false/) + defaultto('false') + end + + newparam(:arguments) do + desc 'Queue arguments example: {x-message-ttl => 60, x-expires => 10}' + defaultto {} + validate do |value| + resource.validate_argument(value) + end + end + + newparam(:user) do + desc 'The user to use to connect to rabbitmq' + defaultto('guest') + newvalues(/^\S+$/) + end + + newparam(:password) do + desc 'The password to use to connect to rabbitmq' + defaultto('guest') + newvalues(/\S+/) + end + + autorequire(:rabbitmq_vhost) do + [self[:name].split('@')[1]] + end + + autorequire(:rabbitmq_user) do + [self[:user]] + end + + autorequire(:rabbitmq_user_permissions) do + ["#{self[:user]}@#{self[:name].split('@')[1]}"] + end + + def validate_argument(argument) + unless [Hash].include?(argument.class) + raise ArgumentError, "Invalid argument" + end + end +end diff --git a/3rdparty/modules/rabbitmq/lib/puppet/type/rabbitmq_user.rb b/3rdparty/modules/rabbitmq/lib/puppet/type/rabbitmq_user.rb new file mode 100644 index 00000000..baf47958 --- /dev/null +++ b/3rdparty/modules/rabbitmq/lib/puppet/type/rabbitmq_user.rb @@ -0,0 +1,85 @@ +Puppet::Type.newtype(:rabbitmq_user) do + desc 'Native type for managing rabbitmq users' + + ensurable do + defaultto(:present) + newvalue(:present) do + provider.create + end + newvalue(:absent) do + provider.destroy + end + end + + autorequire(:service) { 'rabbitmq-server' } + + newparam(:name, :namevar => true) do + desc 'Name of user' + newvalues(/^\S+$/) + end + + newproperty(:password) do + desc 'User password to be set *on creation* and validated each run' + def insync?(is) + provider.check_password + end + def set(value) + provider.change_password + end + def change_to_s(current, desired) + "password has been changed" + end + end + + newproperty(:admin) do + desc 'whether or not user should be an admin' + newvalues(/true|false/) + munge do |value| + # converting to_s in case its a boolean + value.to_s.to_sym + end + defaultto :false + end + + newproperty(:tags, :array_matching => :all) do + desc 'additional tags for the user' + validate do |value| + unless value =~ /^\S+$/ + raise ArgumentError, "Invalid tag: #{value.inspect}" + end + + if value == "administrator" + raise ArgumentError, "must use admin property instead of administrator tag" + end + end + defaultto [] + + def insync?(is) + self.is_to_s(is) == self.should_to_s + end + + def is_to_s(currentvalue = @is) + if currentvalue + "[#{currentvalue.sort.join(', ')}]" + else + '[]' + end + end + + def should_to_s(newvalue = @should) + if newvalue + "[#{newvalue.sort.join(', ')}]" + else + '[]' + end + end + + end + + validate do + if self[:ensure] == :present and ! self[:password] + raise ArgumentError, 'must set password when creating user' unless self[:password] + end + end + +end diff --git a/3rdparty/modules/rabbitmq/lib/puppet/type/rabbitmq_user_permissions.rb b/3rdparty/modules/rabbitmq/lib/puppet/type/rabbitmq_user_permissions.rb new file mode 100644 index 00000000..493d47c8 --- /dev/null +++ b/3rdparty/modules/rabbitmq/lib/puppet/type/rabbitmq_user_permissions.rb @@ -0,0 +1,59 @@ +Puppet::Type.newtype(:rabbitmq_user_permissions) do + desc 'Type for managing rabbitmq user permissions' + + ensurable do + defaultto(:present) + newvalue(:present) do + provider.create + end + newvalue(:absent) do + provider.destroy + end + end + + autorequire(:service) { 'rabbitmq-server' } + + newparam(:name, :namevar => true) do + desc 'combination of user@vhost to grant privileges to' + newvalues(/^\S+@\S+$/) + end + + newproperty(:configure_permission) do + desc 'regexp representing configuration permissions' + validate do |value| + resource.validate_permissions(value) + end + end + + newproperty(:read_permission) do + desc 'regexp representing read permissions' + validate do |value| + resource.validate_permissions(value) + end + end + + newproperty(:write_permission) do + desc 'regexp representing write permissions' + validate do |value| + resource.validate_permissions(value) + end + end + + autorequire(:rabbitmq_vhost) do + [self[:name].split('@')[1]] + end + + autorequire(:rabbitmq_user) do + [self[:name].split('@')[0]] + end + + # I may want to dissalow whitespace + def validate_permissions(value) + begin + Regexp.new(value) + rescue RegexpError + raise ArgumentError, "Invalid regexp #{value}" + end + end + +end diff --git a/3rdparty/modules/rabbitmq/lib/puppet/type/rabbitmq_vhost.rb b/3rdparty/modules/rabbitmq/lib/puppet/type/rabbitmq_vhost.rb new file mode 100644 index 00000000..1349be6e --- /dev/null +++ b/3rdparty/modules/rabbitmq/lib/puppet/type/rabbitmq_vhost.rb @@ -0,0 +1,21 @@ +Puppet::Type.newtype(:rabbitmq_vhost) do + desc 'manages rabbitmq vhosts' + + ensurable do + defaultto(:present) + newvalue(:present) do + provider.create + end + newvalue(:absent) do + provider.destroy + end + end + + autorequire(:service) { 'rabbitmq-server' } + + newparam(:name, :namevar => true) do + 'name of the vhost to add' + newvalues(/^\S+$/) + end + +end diff --git a/3rdparty/modules/rabbitmq/log/centos-6-x64-vcloud/2015-05-22_18_55_23/sut.log b/3rdparty/modules/rabbitmq/log/centos-6-x64-vcloud/2015-05-22_18_55_23/sut.log new file mode 100644 index 00000000..daba18f8 --- /dev/null +++ b/3rdparty/modules/rabbitmq/log/centos-6-x64-vcloud/2015-05-22_18_55_23/sut.log @@ -0,0 +1,2 @@ +2015-05-22 18:55:24 [+] vcloud el-6-x86_64 x7igdqecc5wczwg.delivery.puppetlabs.net (centos-6-vcloud) +2015-05-22 18:56:27 [-] vcloud el-6-x86_64 x7igdqecc5wczwg.delivery.puppetlabs.net (centos-6-vcloud) diff --git a/3rdparty/modules/rabbitmq/log/centos-6-x64-vcloud/2015-05-22_18_57_07/sut.log b/3rdparty/modules/rabbitmq/log/centos-6-x64-vcloud/2015-05-22_18_57_07/sut.log new file mode 100644 index 00000000..ee5be971 --- /dev/null +++ b/3rdparty/modules/rabbitmq/log/centos-6-x64-vcloud/2015-05-22_18_57_07/sut.log @@ -0,0 +1,2 @@ +2015-05-22 18:57:08 [+] vcloud el-6-x86_64 bnzq0zsilo3bhbv.delivery.puppetlabs.net (centos-6-vcloud) +2015-05-22 19:09:48 [-] vcloud el-6-x86_64 bnzq0zsilo3bhbv.delivery.puppetlabs.net (centos-6-vcloud) diff --git a/3rdparty/modules/rabbitmq/log/debian-7-x64-vcloud/2015-05-22_18_35_45/sut.log b/3rdparty/modules/rabbitmq/log/debian-7-x64-vcloud/2015-05-22_18_35_45/sut.log new file mode 100644 index 00000000..5f2329a2 --- /dev/null +++ b/3rdparty/modules/rabbitmq/log/debian-7-x64-vcloud/2015-05-22_18_35_45/sut.log @@ -0,0 +1,2 @@ +2015-05-22 18:35:46 [+] vcloud debian-7-x86_64 upzah8fcy4az78n.delivery.puppetlabs.net (debian-7-vcloud) +2015-05-22 18:46:28 [-] vcloud debian-7-x86_64 upzah8fcy4az78n.delivery.puppetlabs.net (debian-7-vcloud) diff --git a/3rdparty/modules/rabbitmq/log/debian-7-x64-vcloud/2015-05-22_18_49_58/sut.log b/3rdparty/modules/rabbitmq/log/debian-7-x64-vcloud/2015-05-22_18_49_58/sut.log new file mode 100644 index 00000000..322d50be --- /dev/null +++ b/3rdparty/modules/rabbitmq/log/debian-7-x64-vcloud/2015-05-22_18_49_58/sut.log @@ -0,0 +1,2 @@ +2015-05-22 18:49:59 [+] vcloud debian-7-x86_64 pwvlrfgqbbgoc21.delivery.puppetlabs.net (debian-7-vcloud) +2015-05-22 18:54:13 [-] vcloud debian-7-x86_64 pwvlrfgqbbgoc21.delivery.puppetlabs.net (debian-7-vcloud) diff --git a/3rdparty/modules/rabbitmq/log/debian-7-x64-vcloud/2015-05-22_19_10_48/sut.log b/3rdparty/modules/rabbitmq/log/debian-7-x64-vcloud/2015-05-22_19_10_48/sut.log new file mode 100644 index 00000000..5d01374f --- /dev/null +++ b/3rdparty/modules/rabbitmq/log/debian-7-x64-vcloud/2015-05-22_19_10_48/sut.log @@ -0,0 +1,2 @@ +2015-05-22 19:10:49 [+] vcloud debian-7-x86_64 tnx0tmyf2ws118o.delivery.puppetlabs.net (debian-7-vcloud) +2015-05-22 19:11:16 [-] vcloud debian-7-x86_64 tnx0tmyf2ws118o.delivery.puppetlabs.net (debian-7-vcloud) diff --git a/3rdparty/modules/rabbitmq/log/debian-7-x64-vcloud/2015-05-22_19_11_31/sut.log b/3rdparty/modules/rabbitmq/log/debian-7-x64-vcloud/2015-05-22_19_11_31/sut.log new file mode 100644 index 00000000..ff82d28a --- /dev/null +++ b/3rdparty/modules/rabbitmq/log/debian-7-x64-vcloud/2015-05-22_19_11_31/sut.log @@ -0,0 +1,2 @@ +2015-05-22 19:11:32 [+] vcloud debian-7-x86_64 inmrclcv6poi3ho.delivery.puppetlabs.net (debian-7-vcloud) +2015-05-22 19:15:48 [-] vcloud debian-7-x86_64 inmrclcv6poi3ho.delivery.puppetlabs.net (debian-7-vcloud) diff --git a/3rdparty/modules/rabbitmq/log/default/2015-05-22_18_35_28/sut.log b/3rdparty/modules/rabbitmq/log/default/2015-05-22_18_35_28/sut.log new file mode 100644 index 00000000..e69de29b diff --git a/3rdparty/modules/rabbitmq/manifests/config.pp b/3rdparty/modules/rabbitmq/manifests/config.pp new file mode 100644 index 00000000..159ae68d --- /dev/null +++ b/3rdparty/modules/rabbitmq/manifests/config.pp @@ -0,0 +1,172 @@ +# Class: rabbitmq::config +# Sets all the configuration values for RabbitMQ and creates the directories for +# config and ssl. +class rabbitmq::config { + + $admin_enable = $rabbitmq::admin_enable + $cluster_node_type = $rabbitmq::cluster_node_type + $cluster_nodes = $rabbitmq::cluster_nodes + $config = $rabbitmq::config + $config_cluster = $rabbitmq::config_cluster + $config_path = $rabbitmq::config_path + $config_stomp = $rabbitmq::config_stomp + $default_user = $rabbitmq::default_user + $default_pass = $rabbitmq::default_pass + $env_config = $rabbitmq::env_config + $env_config_path = $rabbitmq::env_config_path + $erlang_cookie = $rabbitmq::erlang_cookie + $interface = $rabbitmq::interface + $management_port = $rabbitmq::management_port + $node_ip_address = $rabbitmq::node_ip_address + $plugin_dir = $rabbitmq::plugin_dir + $rabbitmq_user = $rabbitmq::rabbitmq_user + $rabbitmq_group = $rabbitmq::rabbitmq_group + $rabbitmq_home = $rabbitmq::rabbitmq_home + $port = $rabbitmq::port + $tcp_keepalive = $rabbitmq::tcp_keepalive + $service_name = $rabbitmq::service_name + $ssl = $rabbitmq::ssl + $ssl_only = $rabbitmq::ssl_only + $ssl_cacert = $rabbitmq::ssl_cacert + $ssl_cert = $rabbitmq::ssl_cert + $ssl_key = $rabbitmq::ssl_key + $ssl_port = $rabbitmq::ssl_port + $ssl_interface = $rabbitmq::ssl_interface + $ssl_management_port = $rabbitmq::ssl_management_port + $ssl_stomp_port = $rabbitmq::ssl_stomp_port + $ssl_verify = $rabbitmq::ssl_verify + $ssl_fail_if_no_peer_cert = $rabbitmq::ssl_fail_if_no_peer_cert + $ssl_versions = $rabbitmq::ssl_versions + $ssl_ciphers = $rabbitmq::ssl_ciphers + $stomp_port = $rabbitmq::stomp_port + $ldap_auth = $rabbitmq::ldap_auth + $ldap_server = $rabbitmq::ldap_server + $ldap_user_dn_pattern = $rabbitmq::ldap_user_dn_pattern + $ldap_other_bind = $rabbitmq::ldap_other_bind + $ldap_use_ssl = $rabbitmq::ldap_use_ssl + $ldap_port = $rabbitmq::ldap_port + $ldap_log = $rabbitmq::ldap_log + $ldap_config_variables = $rabbitmq::ldap_config_variables + $wipe_db_on_cookie_change = $rabbitmq::wipe_db_on_cookie_change + $config_variables = $rabbitmq::config_variables + $config_kernel_variables = $rabbitmq::config_kernel_variables + $cluster_partition_handling = $rabbitmq::cluster_partition_handling + $file_limit = $rabbitmq::file_limit + $default_env_variables = { + 'NODE_PORT' => $port, + 'NODE_IP_ADDRESS' => $node_ip_address + } + + # Handle env variables. + $environment_variables = merge($default_env_variables, $rabbitmq::environment_variables) + + file { '/etc/rabbitmq': + ensure => directory, + owner => '0', + group => '0', + mode => '0644', + } + + file { '/etc/rabbitmq/ssl': + ensure => directory, + owner => '0', + group => '0', + mode => '0644', + } + + file { 'rabbitmq.config': + ensure => file, + path => $config_path, + content => template($config), + owner => '0', + group => '0', + mode => '0644', + notify => Class['rabbitmq::service'], + } + + file { 'rabbitmq-env.config': + ensure => file, + path => $env_config_path, + content => template($env_config), + owner => '0', + group => '0', + mode => '0644', + notify => Class['rabbitmq::service'], + } + + if $admin_enable { + file { 'rabbitmqadmin.conf': + ensure => file, + path => '/etc/rabbitmq/rabbitmqadmin.conf', + content => template('rabbitmq/rabbitmqadmin.conf.erb'), + owner => '0', + group => '0', + mode => '0644', + require => File['/etc/rabbitmq'], + } + } + + case $::osfamily { + 'Debian': { + file { '/etc/default/rabbitmq-server': + ensure => file, + content => template('rabbitmq/default.erb'), + mode => '0644', + owner => '0', + group => '0', + notify => Class['rabbitmq::service'], + } + } + 'RedHat': { + if versioncmp($::operatingsystemmajrelease, '7') >= 0 { + file { '/etc/systemd/system/rabbitmq-server.service.d': + ensure => directory, + owner => '0', + group => '0', + mode => '0755', + selinux_ignore_defaults => true, + } -> + file { '/etc/systemd/system/rabbitmq-server.service.d/limits.conf': + content => template('rabbitmq/rabbitmq-server.service.d/limits.conf'), + owner => '0', + group => '0', + mode => '0644', + notify => Exec['rabbitmq-systemd-reload'], + } + exec { 'rabbitmq-systemd-reload': + command => '/usr/bin/systemctl daemon-reload', + notify => Class['Rabbitmq::Service'], + refreshonly => true, + } + } else { + file { '/etc/security/limits.d/rabbitmq-server.conf': + content => template('rabbitmq/limits.conf'), + owner => '0', + group => '0', + mode => '0644', + notify => Class['Rabbitmq::Service'], + } + } + } + default: { + } + } + + if $config_cluster { + + if $erlang_cookie == undef { + fail('You must set the $erlang_cookie value in order to configure clustering.') + } else { + rabbitmq_erlang_cookie { "${rabbitmq_home}/.erlang.cookie": + content => $erlang_cookie, + force => $wipe_db_on_cookie_change, + rabbitmq_user => $rabbitmq_user, + rabbitmq_group => $rabbitmq_group, + rabbitmq_home => $rabbitmq_home, + service_name => $service_name, + before => File['rabbitmq.config'], + notify => Class['rabbitmq::service'], + } + } + } +} diff --git a/3rdparty/modules/rabbitmq/manifests/init.pp b/3rdparty/modules/rabbitmq/manifests/init.pp new file mode 100644 index 00000000..4e115f9b --- /dev/null +++ b/3rdparty/modules/rabbitmq/manifests/init.pp @@ -0,0 +1,238 @@ +# Main rabbitmq class +class rabbitmq( + $admin_enable = $rabbitmq::params::admin_enable, + $cluster_node_type = $rabbitmq::params::cluster_node_type, + $cluster_nodes = $rabbitmq::params::cluster_nodes, + $config = $rabbitmq::params::config, + $config_cluster = $rabbitmq::params::config_cluster, + $config_path = $rabbitmq::params::config_path, + $config_stomp = $rabbitmq::params::config_stomp, + $default_user = $rabbitmq::params::default_user, + $default_pass = $rabbitmq::params::default_pass, + $delete_guest_user = $rabbitmq::params::delete_guest_user, + $env_config = $rabbitmq::params::env_config, + $env_config_path = $rabbitmq::params::env_config_path, + $erlang_cookie = $rabbitmq::params::erlang_cookie, + $interface = $rabbitmq::params::interface, + $management_port = $rabbitmq::params::management_port, + $node_ip_address = $rabbitmq::params::node_ip_address, + $package_apt_pin = $rabbitmq::params::package_apt_pin, + $package_ensure = $rabbitmq::params::package_ensure, + $package_gpg_key = $rabbitmq::params::package_gpg_key, + $package_name = $rabbitmq::params::package_name, + $package_provider = $rabbitmq::params::package_provider, + $package_source = undef, + $repos_ensure = $rabbitmq::params::repos_ensure, + $manage_repos = $rabbitmq::params::manage_repos, + $plugin_dir = $rabbitmq::params::plugin_dir, + $rabbitmq_user = $rabbitmq::params::rabbitmq_user, + $rabbitmq_group = $rabbitmq::params::rabbitmq_group, + $rabbitmq_home = $rabbitmq::params::rabbitmq_home, + $port = $rabbitmq::params::port, + $tcp_keepalive = $rabbitmq::params::tcp_keepalive, + $service_ensure = $rabbitmq::params::service_ensure, + $service_manage = $rabbitmq::params::service_manage, + $service_name = $rabbitmq::params::service_name, + $ssl = $rabbitmq::params::ssl, + $ssl_only = $rabbitmq::params::ssl_only, + $ssl_cacert = $rabbitmq::params::ssl_cacert, + $ssl_cert = $rabbitmq::params::ssl_cert, + $ssl_key = $rabbitmq::params::ssl_key, + $ssl_port = $rabbitmq::params::ssl_port, + $ssl_interface = $rabbitmq::params::ssl_interface, + $ssl_management_port = $rabbitmq::params::ssl_management_port, + $ssl_stomp_port = $rabbitmq::params::ssl_stomp_port, + $ssl_verify = $rabbitmq::params::ssl_verify, + $ssl_fail_if_no_peer_cert = $rabbitmq::params::ssl_fail_if_no_peer_cert, + $ssl_versions = $rabbitmq::params::ssl_versions, + $ssl_ciphers = $rabbitmq::params::ssl_ciphers, + $stomp_ensure = $rabbitmq::params::stomp_ensure, + $ldap_auth = $rabbitmq::params::ldap_auth, + $ldap_server = $rabbitmq::params::ldap_server, + $ldap_user_dn_pattern = $rabbitmq::params::ldap_user_dn_pattern, + $ldap_other_bind = $rabbitmq::params::ldap_other_bind, + $ldap_use_ssl = $rabbitmq::params::ldap_use_ssl, + $ldap_port = $rabbitmq::params::ldap_port, + $ldap_log = $rabbitmq::params::ldap_log, + $ldap_config_variables = $rabbitmq::params::ldap_config_variables, + $stomp_port = $rabbitmq::params::stomp_port, + $version = $rabbitmq::params::version, + $wipe_db_on_cookie_change = $rabbitmq::params::wipe_db_on_cookie_change, + $cluster_partition_handling = $rabbitmq::params::cluster_partition_handling, + $file_limit = $rabbitmq::params::file_limit, + $environment_variables = $rabbitmq::params::environment_variables, + $config_variables = $rabbitmq::params::config_variables, + $config_kernel_variables = $rabbitmq::params::config_kernel_variables, + $key_content = undef, +) inherits rabbitmq::params { + + validate_bool($admin_enable) + # Validate install parameters. + validate_re($package_apt_pin, '^(|\d+)$') + validate_string($package_ensure) + validate_string($package_gpg_key) + validate_string($package_name) + validate_string($package_provider) + validate_bool($repos_ensure) + validate_re($version, '^\d+\.\d+\.\d+(-\d+)*$') # Allow 3 digits and optional -n postfix. + # Validate config parameters. + validate_re($cluster_node_type, '^(ram|disc|disk)$') # Both disc and disk are valid http://www.rabbitmq.com/clustering.html + validate_array($cluster_nodes) + validate_string($config) + validate_absolute_path($config_path) + validate_bool($config_cluster) + validate_bool($config_stomp) + validate_string($default_user) + validate_string($default_pass) + validate_bool($delete_guest_user) + validate_string($env_config) + validate_absolute_path($env_config_path) + validate_string($erlang_cookie) + if ! is_integer($management_port) { + validate_re($management_port, '\d+') + } + validate_string($node_ip_address) + validate_absolute_path($plugin_dir) + if ! is_integer($port) { + validate_re($port, ['\d+','UNSET']) + } + if ! is_integer($stomp_port) { + validate_re($stomp_port, '\d+') + } + validate_bool($wipe_db_on_cookie_change) + validate_bool($tcp_keepalive) + if ! is_integer($file_limit) { + validate_re($file_limit, '^(unlimited|infinity)$', '$file_limit must be an integer, \'unlimited\', or \'infinity\'.') + } + # Validate service parameters. + validate_re($service_ensure, '^(running|stopped)$') + validate_bool($service_manage) + validate_string($service_name) + validate_bool($ssl) + validate_bool($ssl_only) + validate_string($ssl_cacert) + validate_string($ssl_cert) + validate_string($ssl_key) + validate_array($ssl_ciphers) + if ! is_integer($ssl_port) { + validate_re($ssl_port, '\d+') + } + if ! is_integer($ssl_management_port) { + validate_re($ssl_management_port, '\d+') + } + if ! is_integer($ssl_stomp_port) { + validate_re($ssl_stomp_port, '\d+') + } + validate_bool($stomp_ensure) + validate_bool($ldap_auth) + validate_string($ldap_server) + validate_string($ldap_user_dn_pattern) + validate_string($ldap_other_bind) + validate_hash($ldap_config_variables) + validate_bool($ldap_use_ssl) + validate_re($ldap_port, '\d+') + validate_bool($ldap_log) + validate_hash($environment_variables) + validate_hash($config_variables) + validate_hash($config_kernel_variables) + + if $ssl_only and ! $ssl { + fail('$ssl_only => true requires that $ssl => true') + } + + if $config_stomp and $ssl_stomp_port and ! $ssl { + warning('$ssl_stomp_port requires that $ssl => true and will be ignored') + } + + if $ssl_versions { + if $ssl { + validate_array($ssl_versions) + } else { + fail('$ssl_versions requires that $ssl => true') + } + } + + # This needs to happen here instead of params.pp because + # $package_source needs to override the constructed value in params.pp + if $package_source { # $package_source was specified by user so use that one + $real_package_source = $package_source + # NOTE(bogdando) do not enforce the source value for yum provider #MODULES-1631 + } elsif $package_provider != 'yum' { + # package_source was not specified, so construct it, unless the provider is 'yum' + case $::osfamily { + 'RedHat', 'SUSE': { + $base_version = regsubst($version,'^(.*)-\d$','\1') + $real_package_source = "http://www.rabbitmq.com/releases/rabbitmq-server/v${base_version}/rabbitmq-server-${version}.noarch.rpm" + } + default: { # Archlinux and Debian + $real_package_source = '' + } + } + } else { # for yum provider, use the source as is + $real_package_source = $package_source + } + + include '::rabbitmq::install' + include '::rabbitmq::config' + include '::rabbitmq::service' + include '::rabbitmq::management' + + if $manage_repos != undef { + warning('$manage_repos is now deprecated. Please use $repos_ensure instead') + } + + if $manage_repos != false { + case $::osfamily { + 'RedHat', 'SUSE': + { include '::rabbitmq::repo::rhel' } + 'Debian': { + class { '::rabbitmq::repo::apt' : + key_source => $package_gpg_key, + key_content => $key_content, + } + } + default: + { } + } + } + + if $admin_enable and $service_manage { + include '::rabbitmq::install::rabbitmqadmin' + + rabbitmq_plugin { 'rabbitmq_management': + ensure => present, + require => Class['rabbitmq::install'], + notify => Class['rabbitmq::service'], + } + + Class['::rabbitmq::service'] -> Class['::rabbitmq::install::rabbitmqadmin'] + Class['::rabbitmq::install::rabbitmqadmin'] -> Rabbitmq_exchange<| |> + } + + if $stomp_ensure { + rabbitmq_plugin { 'rabbitmq_stomp': + ensure => present, + require => Class['rabbitmq::install'], + notify => Class['rabbitmq::service'], + } + } + + if ($ldap_auth) { + rabbitmq_plugin { 'rabbitmq_auth_backend_ldap': + ensure => present, + require => Class['rabbitmq::install'], + notify => Class['rabbitmq::service'], + } + } + + anchor { 'rabbitmq::begin': } + anchor { 'rabbitmq::end': } + + Anchor['rabbitmq::begin'] -> Class['::rabbitmq::install'] + -> Class['::rabbitmq::config'] ~> Class['::rabbitmq::service'] + -> Class['::rabbitmq::management'] -> Anchor['rabbitmq::end'] + + # Make sure the various providers have their requirements in place. + Class['::rabbitmq::install'] -> Rabbitmq_plugin<| |> + +} diff --git a/3rdparty/modules/rabbitmq/manifests/install.pp b/3rdparty/modules/rabbitmq/manifests/install.pp new file mode 100644 index 00000000..f2df83aa --- /dev/null +++ b/3rdparty/modules/rabbitmq/manifests/install.pp @@ -0,0 +1,23 @@ +# Class rabbitmq::install +# Ensures the rabbitmq-server exists +class rabbitmq::install { + + $package_ensure = $rabbitmq::package_ensure + $package_name = $rabbitmq::package_name + $package_provider = $rabbitmq::package_provider + $package_source = $rabbitmq::real_package_source + + package { 'rabbitmq-server': + ensure => $package_ensure, + name => $package_name, + provider => $package_provider, + notify => Class['rabbitmq::service'], + } + + if $package_source { + Package['rabbitmq-server'] { + source => $package_source, + } + } + +} diff --git a/3rdparty/modules/rabbitmq/manifests/install/rabbitmqadmin.pp b/3rdparty/modules/rabbitmq/manifests/install/rabbitmqadmin.pp new file mode 100644 index 00000000..bf545eea --- /dev/null +++ b/3rdparty/modules/rabbitmq/manifests/install/rabbitmqadmin.pp @@ -0,0 +1,35 @@ +# +class rabbitmq::install::rabbitmqadmin { + + if($rabbitmq::ssl) { + $management_port = $rabbitmq::ssl_management_port + } + else { + $management_port = $rabbitmq::management_port + } + + $default_user = $rabbitmq::default_user + $default_pass = $rabbitmq::default_pass + $protocol = $rabbitmq::ssl ? { false => 'http', default => 'https' } + + staging::file { 'rabbitmqadmin': + target => "${rabbitmq::rabbitmq_home}/rabbitmqadmin", + source => "${protocol}://${default_user}:${default_pass}@localhost:${management_port}/cli/rabbitmqadmin", + curl_option => '-k --noproxy localhost --retry 30 --retry-delay 6', + timeout => '180', + wget_option => '--no-proxy', + require => [ + Class['rabbitmq::service'], + Rabbitmq_plugin['rabbitmq_management'] + ], + } + + file { '/usr/local/bin/rabbitmqadmin': + owner => 'root', + group => '0', + source => "${rabbitmq::rabbitmq_home}/rabbitmqadmin", + mode => '0755', + require => Staging::File['rabbitmqadmin'], + } + +} diff --git a/3rdparty/modules/rabbitmq/manifests/management.pp b/3rdparty/modules/rabbitmq/manifests/management.pp new file mode 100644 index 00000000..481a7b4f --- /dev/null +++ b/3rdparty/modules/rabbitmq/manifests/management.pp @@ -0,0 +1,13 @@ +# +class rabbitmq::management { + + $delete_guest_user = $rabbitmq::delete_guest_user + + if $delete_guest_user { + rabbitmq_user{ 'guest': + ensure => absent, + provider => 'rabbitmqctl', + } + } + +} diff --git a/3rdparty/modules/rabbitmq/manifests/params.pp b/3rdparty/modules/rabbitmq/manifests/params.pp new file mode 100644 index 00000000..7366d957 --- /dev/null +++ b/3rdparty/modules/rabbitmq/manifests/params.pp @@ -0,0 +1,121 @@ + # Class: rabbitmq::params +# +# The RabbitMQ Module configuration settings. +# +class rabbitmq::params { + + case $::osfamily { + 'Archlinux': { + $package_ensure = 'installed' + $package_name = 'rabbitmq' + $service_name = 'rabbitmq' + $version = '3.1.3-1' + $rabbitmq_user = 'rabbitmq' + $rabbitmq_group = 'rabbitmq' + $rabbitmq_home = '/var/lib/rabbitmq' + $plugin_dir = "/usr/lib/rabbitmq/lib/rabbitmq_server-${version}/plugins" + } + 'Debian': { + $package_ensure = 'installed' + $package_name = 'rabbitmq-server' + $service_name = 'rabbitmq-server' + $package_provider = 'apt' + $version = '3.1.5' + $rabbitmq_user = 'rabbitmq' + $rabbitmq_group = 'rabbitmq' + $rabbitmq_home = '/var/lib/rabbitmq' + $plugin_dir = "/usr/lib/rabbitmq/lib/rabbitmq_server-${version}/plugins" + } + 'OpenBSD': { + $package_ensure = 'installed' + $package_name = 'rabbitmq' + $service_name = 'rabbitmq' + $version = '3.4.2' + $rabbitmq_user = '_rabbitmq' + $rabbitmq_group = '_rabbitmq' + $rabbitmq_home = '/var/rabbitmq' + $plugin_dir = '/usr/local/lib/rabbitmq/plugins' + } + 'RedHat': { + $package_ensure = 'installed' + $package_name = 'rabbitmq-server' + $service_name = 'rabbitmq-server' + $package_provider = 'rpm' + $version = '3.1.5-1' + $rabbitmq_user = 'rabbitmq' + $rabbitmq_group = 'rabbitmq' + $rabbitmq_home = '/var/lib/rabbitmq' + $plugin_dir = "/usr/lib/rabbitmq/lib/rabbitmq_server-${version}/plugins" + } + 'SUSE': { + $package_ensure = 'installed' + $package_name = 'rabbitmq-server' + $service_name = 'rabbitmq-server' + $package_provider = 'zypper' + $version = '3.1.5-1' + $rabbitmq_user = 'rabbitmq' + $rabbitmq_group = 'rabbitmq' + $rabbitmq_home = '/var/lib/rabbitmq' + $plugin_dir = "/usr/lib/rabbitmq/lib/rabbitmq_server-${version}/plugins" + } + default: { + fail("The ${module_name} module is not supported on an ${::osfamily} based system.") + } + } + + #install + $admin_enable = true + $management_port = '15672' + $package_apt_pin = '' + $package_gpg_key = 'http://www.rabbitmq.com/rabbitmq-signing-key-public.asc' + $repos_ensure = true + $manage_repos = undef + $service_ensure = 'running' + $service_manage = true + #config + $cluster_node_type = 'disc' + $cluster_nodes = [] + $config = 'rabbitmq/rabbitmq.config.erb' + $config_cluster = false + $config_path = '/etc/rabbitmq/rabbitmq.config' + $config_stomp = false + $default_user = 'guest' + $default_pass = 'guest' + $delete_guest_user = false + $env_config = 'rabbitmq/rabbitmq-env.conf.erb' + $env_config_path = '/etc/rabbitmq/rabbitmq-env.conf' + $erlang_cookie = undef + $interface = 'UNSET' + $node_ip_address = 'UNSET' + $port = '5672' + $tcp_keepalive = false + $ssl = false + $ssl_only = false + $ssl_cacert = 'UNSET' + $ssl_cert = 'UNSET' + $ssl_key = 'UNSET' + $ssl_port = '5671' + $ssl_interface = 'UNSET' + $ssl_management_port = '15671' + $ssl_stomp_port = '6164' + $ssl_verify = 'verify_none' + $ssl_fail_if_no_peer_cert = false + $ssl_versions = undef + $ssl_ciphers = [] + $stomp_ensure = false + $ldap_auth = false + $ldap_server = 'ldap' + $ldap_user_dn_pattern = 'cn=username,ou=People,dc=example,dc=com' + $ldap_other_bind = 'anon' + $ldap_use_ssl = false + $ldap_port = '389' + $ldap_log = false + $ldap_config_variables = {} + $stomp_port = '6163' + $wipe_db_on_cookie_change = false + $cluster_partition_handling = 'ignore' + $environment_variables = {} + $config_variables = {} + $config_kernel_variables = {} + $file_limit = 16384 +} diff --git a/3rdparty/modules/rabbitmq/manifests/repo/apt.pp b/3rdparty/modules/rabbitmq/manifests/repo/apt.pp new file mode 100644 index 00000000..0902e2c2 --- /dev/null +++ b/3rdparty/modules/rabbitmq/manifests/repo/apt.pp @@ -0,0 +1,41 @@ +# requires +# puppetlabs-apt +# puppetlabs-stdlib +class rabbitmq::repo::apt( + $location = 'http://www.rabbitmq.com/debian/', + $release = 'testing', + $repos = 'main', + $include_src = false, + $key = 'F78372A06FF50C80464FC1B4F7B8CEA6056E8E56', + $key_source = 'http://www.rabbitmq.com/rabbitmq-signing-key-public.asc', + $key_content = undef, + ) { + + $pin = $rabbitmq::package_apt_pin + + Class['rabbitmq::repo::apt'] -> Package<| title == 'rabbitmq-server' |> + + $ensure_source = $rabbitmq::repos_ensure ? { + false => 'absent', + default => 'present', + } + + apt::source { 'rabbitmq': + ensure => $ensure_source, + location => $location, + release => $release, + repos => $repos, + include_src => $include_src, + key => $key, + key_source => $key_source, + key_content => $key_content, + } + + if $pin != '' { + validate_re($pin, '\d\d\d') + apt::pin { 'rabbitmq': + packages => 'rabbitmq-server', + priority => $pin, + } + } +} diff --git a/3rdparty/modules/rabbitmq/manifests/repo/rhel.pp b/3rdparty/modules/rabbitmq/manifests/repo/rhel.pp new file mode 100644 index 00000000..28490994 --- /dev/null +++ b/3rdparty/modules/rabbitmq/manifests/repo/rhel.pp @@ -0,0 +1,16 @@ +# Class: rabbitmq::repo::rhel +# Imports the gpg key if it doesn't already exist. +class rabbitmq::repo::rhel { + + if $rabbitmq::repos_ensure { + + $package_gpg_key = $rabbitmq::package_gpg_key + + Class['rabbitmq::repo::rhel'] -> Package<| title == 'rabbitmq-server' |> + + exec { "rpm --import ${package_gpg_key}": + path => ['/bin','/usr/bin','/sbin','/usr/sbin'], + unless => 'rpm -q gpg-pubkey-056e8e56-468e43f2 2>/dev/null', + } + } +} diff --git a/3rdparty/modules/rabbitmq/manifests/server.pp b/3rdparty/modules/rabbitmq/manifests/server.pp new file mode 100644 index 00000000..05de184f --- /dev/null +++ b/3rdparty/modules/rabbitmq/manifests/server.pp @@ -0,0 +1,82 @@ +# Class: rabbitmq::server +# +# This module manages the installation and config of the rabbitmq server +# it has only been tested on certain version of debian-ish systems +# Parameters: +# [*port*] - port where rabbitmq server is hosted +# [*delete_guest_user*] - rather or not to delete the default user +# [*version*] - version of rabbitmq-server to install +# [*package_name*] - name of rabbitmq package +# [*service_name*] - name of rabbitmq service +# [*service_ensure*] - desired ensure state for service +# [*stomp_port*] - port stomp should be listening on +# [*node_ip_address*] - ip address for rabbitmq to bind to +# [*config*] - contents of config file +# [*env_config*] - contents of env-config file +# [*config_cluster*] - whether to configure a RabbitMQ cluster +# [*cluster_nodes*] - which nodes to cluster with (including the current one) +# [*cluster_node_type*] - Type of cluster node (disc/disk or ram) +# [*erlang_cookie*] - erlang cookie, must be the same for all nodes in a cluster +# [*wipe_db_on_cookie_change*] - whether to wipe the RabbitMQ data if the specified +# erlang_cookie differs from the current one. This is a sad parameter: actually, +# if the cookie indeed differs, then wiping the database is the *only* thing you +# can do. You're only required to set this parameter to true as a sign that you +# realise this. +# Requires: +# stdlib +# Sample Usage: +# +# This module is used as backward compability layer for modules +# which require rabbitmq::server instead of rabbitmq class. +# It's still common uasge in many modules. +# +# +# [Remember: No empty lines between comments and class definition] +class rabbitmq::server( + $port = $rabbitmq::params::port, + $delete_guest_user = $rabbitmq::params::delete_guest_user, + $package_name = $rabbitmq::params::package_name, + $version = $rabbitmq::params::version, + $service_name = $rabbitmq::params::service_name, + $service_ensure = $rabbitmq::params::service_ensure, + $service_manage = $rabbitmq::params::service_manage, + $config_stomp = $rabbitmq::params::config_stomp, + $stomp_port = $rabbitmq::params::stomp_port, + $config_cluster = $rabbitmq::params::config_cluster, + $cluster_nodes = $rabbitmq::params::cluster_nodes, + $cluster_node_type = $rabbitmq::params::cluster_node_type, + $node_ip_address = $rabbitmq::params::node_ip_address, + $config = $rabbitmq::params::config, + $env_config = $rabbitmq::params::env_config, + $erlang_cookie = $rabbitmq::params::erlang_cookie, + $wipe_db_on_cookie_change = $rabbitmq::params::wipe_db_on_cookie_change, +) inherits rabbitmq::params { + + anchor {'before::rabbimq::class': + before => Class['rabbitmq'], + } + + anchor {'after::rabbimq::class': + require => Class['rabbitmq'], + } + + class { 'rabbitmq': + port => $port, + delete_guest_user => $delete_guest_user, + package_name => $package_name, + version => $version, + service_name => $service_name, + service_ensure => $service_ensure, + service_manage => $service_manage, + config_stomp => $config_stomp, + stomp_port => $stomp_port, + config_cluster => $config_cluster, + cluster_nodes => $cluster_nodes, + cluster_node_type => $cluster_node_type, + node_ip_address => $node_ip_address, + config => $config, + env_config => $env_config, + erlang_cookie => $erlang_cookie, + wipe_db_on_cookie_change => $wipe_db_on_cookie_change, + } +} diff --git a/3rdparty/modules/rabbitmq/manifests/service.pp b/3rdparty/modules/rabbitmq/manifests/service.pp new file mode 100644 index 00000000..c01aa64a --- /dev/null +++ b/3rdparty/modules/rabbitmq/manifests/service.pp @@ -0,0 +1,40 @@ +# Class: rabbitmq::service +# +# This class manages the rabbitmq server service itself. +# +# Parameters: +# +# Actions: +# +# Requires: +# +# Sample Usage: +# +class rabbitmq::service( + $service_ensure = $rabbitmq::service_ensure, + $service_manage = $rabbitmq::service_manage, + $service_name = $rabbitmq::service_name, +) inherits rabbitmq { + + validate_re($service_ensure, '^(running|stopped)$') + validate_bool($service_manage) + + if ($service_manage) { + if $service_ensure == 'running' { + $ensure_real = 'running' + $enable_real = true + } else { + $ensure_real = 'stopped' + $enable_real = false + } + + service { 'rabbitmq-server': + ensure => $ensure_real, + enable => $enable_real, + hasstatus => true, + hasrestart => true, + name => $service_name, + } + } + +} diff --git a/3rdparty/modules/rabbitmq/metadata.json b/3rdparty/modules/rabbitmq/metadata.json new file mode 100644 index 00000000..945a26f4 --- /dev/null +++ b/3rdparty/modules/rabbitmq/metadata.json @@ -0,0 +1,55 @@ +{ + "name": "puppetlabs-rabbitmq", + "version": "5.2.1", + "author": "puppetlabs", + "summary": "Installs, configures, and manages RabbitMQ.", + "license": "Apache-2.0", + "source": "https://github.com/puppetlabs/puppetlabs-rabbitmq", + "project_page": "https://github.com/puppetlabs/puppetlabs-rabbitmq", + "issues_url": "https://tickets.puppetlabs.com/browse/MODULES", + "operatingsystem_support": [ + { + "operatingsystem": "RedHat", + "operatingsystemrelease": [ + "5", + "6" + ] + }, + { + "operatingsystem": "CentOS", + "operatingsystemrelease": [ + "5", + "6" + ] + }, + { + "operatingsystem": "Debian", + "operatingsystemrelease": [ + "6", + "7" + ] + }, + { + "operatingsystem": "Ubuntu", + "operatingsystemrelease": [ + "12.04", + "14.04" + ] + } + ], + "requirements": [ + { + "name": "pe", + "version_requirement": "3.x" + }, + { + "name": "puppet", + "version_requirement": "3.x" + } + ], + "dependencies": [ + {"name":"puppetlabs/stdlib","version_requirement":">=3.0.0 <5.0.0"}, + {"name":"puppetlabs/apt","version_requirement":">=1.8.0 <2.0.0"}, + {"name":"nanliu/staging","version_requirement":">=0.3.1 <2.0.0"} + ] +} diff --git a/3rdparty/modules/rabbitmq/spec/README.markdown b/3rdparty/modules/rabbitmq/spec/README.markdown new file mode 100644 index 00000000..286d3417 --- /dev/null +++ b/3rdparty/modules/rabbitmq/spec/README.markdown @@ -0,0 +1,7 @@ +Specs +===== + +The Puppet project uses RSpec for testing. + +For more information on RSpec, see http://rspec.info/ + diff --git a/3rdparty/modules/rabbitmq/spec/acceptance/class_spec.rb b/3rdparty/modules/rabbitmq/spec/acceptance/class_spec.rb new file mode 100644 index 00000000..b5b50cd3 --- /dev/null +++ b/3rdparty/modules/rabbitmq/spec/acceptance/class_spec.rb @@ -0,0 +1,95 @@ +require 'spec_helper_acceptance' + +describe 'rabbitmq class:' do + case fact('osfamily') + when 'RedHat' + package_name = 'rabbitmq-server' + service_name = 'rabbitmq-server' + when 'SUSE' + package_name = 'rabbitmq-server' + service_name = 'rabbitmq-server' + when 'Debian' + package_name = 'rabbitmq-server' + service_name = 'rabbitmq-server' + when 'Archlinux' + package_name = 'rabbitmq' + service_name = 'rabbitmq' + end + + context "default class inclusion" do + it 'should run successfully' do + pp = <<-EOS + class { 'rabbitmq': } + if $::osfamily == 'RedHat' { + class { 'erlang': epel_enable => true} + Class['erlang'] -> Class['rabbitmq'] + } + EOS + + # Apply twice to ensure no errors the second time. + apply_manifest(pp, :catch_failures => true) + expect(apply_manifest(pp, :catch_changes => true).exit_code).to be_zero + end + + describe package(package_name) do + it { should be_installed } + end + + describe service(service_name) do + it { should be_enabled } + it { should be_running } + end + end + + context "disable and stop service" do + it 'should run successfully' do + pp = <<-EOS + class { 'rabbitmq': + service_ensure => 'stopped', + } + if $::osfamily == 'RedHat' { + class { 'erlang': epel_enable => true} + Class['erlang'] -> Class['rabbitmq'] + } + EOS + + apply_manifest(pp, :catch_failures => true) + end + + describe service(service_name) do + it { should_not be_enabled } + it { should_not be_running } + end + end + + context "service is unmanaged" do + it 'should run successfully' do + pp_pre = <<-EOS + class { 'rabbitmq': } + if $::osfamily == 'RedHat' { + class { 'erlang': epel_enable => true} + Class['erlang'] -> Class['rabbitmq'] + } + EOS + + pp = <<-EOS + class { 'rabbitmq': + service_manage => false, + service_ensure => 'stopped', + } + if $::osfamily == 'RedHat' { + class { 'erlang': epel_enable => true} + Class['erlang'] -> Class['rabbitmq'] + } + EOS + + apply_manifest(pp_pre, :catch_failures => true) + apply_manifest(pp, :catch_failures => true) + end + + describe service(service_name) do + it { should be_enabled } + it { should be_running } + end + end +end diff --git a/3rdparty/modules/rabbitmq/spec/acceptance/clustering_spec.rb b/3rdparty/modules/rabbitmq/spec/acceptance/clustering_spec.rb new file mode 100644 index 00000000..438c65ba --- /dev/null +++ b/3rdparty/modules/rabbitmq/spec/acceptance/clustering_spec.rb @@ -0,0 +1,60 @@ +require 'spec_helper_acceptance' + +describe 'rabbitmq clustering' do + context 'rabbitmq::wipe_db_on_cookie_change => false' do + it 'should run successfully' do + pp = <<-EOS + class { 'rabbitmq': + config_cluster => true, + cluster_nodes => ['rabbit1', 'rabbit2'], + cluster_node_type => 'ram', + erlang_cookie => 'TESTCOOKIE', + wipe_db_on_cookie_change => false, + } + if $::osfamily == 'RedHat' { + class { 'erlang': epel_enable => true} + Class['erlang'] -> Class['rabbitmq'] + } + EOS + + apply_manifest(pp, :expect_failures => true) + end + + describe file('/var/lib/rabbitmq/.erlang.cookie') do + it { should_not contain 'TESTCOOKIE' } + end + + end + context 'rabbitmq::wipe_db_on_cookie_change => true' do + it 'should run successfully' do + pp = <<-EOS + class { 'rabbitmq': + config_cluster => true, + cluster_nodes => ['rabbit1', 'rabbit2'], + cluster_node_type => 'ram', + erlang_cookie => 'TESTCOOKIE', + wipe_db_on_cookie_change => true, + } + if $::osfamily == 'RedHat' { + class { 'erlang': epel_enable => true} + Class['erlang'] -> Class['rabbitmq'] + } + EOS + + apply_manifest(pp, :catch_failures => true) + end + + describe file('/etc/rabbitmq/rabbitmq.config') do + it { should be_file } + it { should contain 'cluster_nodes' } + it { should contain 'rabbit@rabbit1' } + it { should contain 'rabbit@rabbit2' } + it { should contain 'ram' } + end + + describe file('/var/lib/rabbitmq/.erlang.cookie') do + it { should be_file } + it { should contain 'TESTCOOKIE' } + end + end +end diff --git a/3rdparty/modules/rabbitmq/spec/acceptance/delete_guest_user_spec.rb b/3rdparty/modules/rabbitmq/spec/acceptance/delete_guest_user_spec.rb new file mode 100644 index 00000000..d480e884 --- /dev/null +++ b/3rdparty/modules/rabbitmq/spec/acceptance/delete_guest_user_spec.rb @@ -0,0 +1,26 @@ +require 'spec_helper_acceptance' + +describe 'rabbitmq with delete_guest_user' do + context 'delete_guest_user' do + it 'should run successfully' do + pp = <<-EOS + class { 'rabbitmq': + port => '5672', + delete_guest_user => true, + } + if $::osfamily == 'RedHat' { + class { 'erlang': epel_enable => true} + Class['erlang'] -> Class['rabbitmq'] + } + EOS + + apply_manifest(pp, :catch_failures => true) + shell('rabbitmqctl list_users > /tmp/rabbitmqctl_users') + end + + describe file('/tmp/rabbitmqctl_users') do + it { should be_file } + it { should_not contain 'guest' } + end + end +end diff --git a/3rdparty/modules/rabbitmq/spec/acceptance/nodesets/centos-59-x64.yml b/3rdparty/modules/rabbitmq/spec/acceptance/nodesets/centos-59-x64.yml new file mode 100644 index 00000000..2ad90b86 --- /dev/null +++ b/3rdparty/modules/rabbitmq/spec/acceptance/nodesets/centos-59-x64.yml @@ -0,0 +1,10 @@ +HOSTS: + centos-59-x64: + roles: + - master + platform: el-5-x86_64 + box : centos-59-x64-vbox4210-nocm + box_url : http://puppet-vagrant-boxes.puppetlabs.com/centos-59-x64-vbox4210-nocm.box + hypervisor : vagrant +CONFIG: + type: git diff --git a/3rdparty/modules/rabbitmq/spec/acceptance/nodesets/centos-6-x64-vcloud.yml b/3rdparty/modules/rabbitmq/spec/acceptance/nodesets/centos-6-x64-vcloud.yml new file mode 100644 index 00000000..9c5a3d0e --- /dev/null +++ b/3rdparty/modules/rabbitmq/spec/acceptance/nodesets/centos-6-x64-vcloud.yml @@ -0,0 +1,16 @@ +HOSTS: + 'centos-6-vcloud': + roles: + - master + platform: el-6-x86_64 + hypervisor: vcloud + template: centos-6-x86_64 +CONFIG: + type: foss + ssh: + keys: "~/.ssh/id_rsa-acceptance" + datastore: instance0 + folder: Delivery/Quality Assurance/Enterprise/Dynamic + resourcepool: delivery/Quality Assurance/Enterprise/Dynamic + pooling_api: http://vcloud.delivery.puppetlabs.net/ + diff --git a/3rdparty/modules/rabbitmq/spec/acceptance/nodesets/centos-64-x64-pe.yml b/3rdparty/modules/rabbitmq/spec/acceptance/nodesets/centos-64-x64-pe.yml new file mode 100644 index 00000000..7d9242f1 --- /dev/null +++ b/3rdparty/modules/rabbitmq/spec/acceptance/nodesets/centos-64-x64-pe.yml @@ -0,0 +1,12 @@ +HOSTS: + centos-64-x64: + roles: + - master + - database + - dashboard + platform: el-6-x86_64 + box : centos-64-x64-vbox4210-nocm + box_url : http://puppet-vagrant-boxes.puppetlabs.com/centos-64-x64-vbox4210-nocm.box + hypervisor : vagrant +CONFIG: + type: pe diff --git a/3rdparty/modules/rabbitmq/spec/acceptance/nodesets/centos-65-x64.yml b/3rdparty/modules/rabbitmq/spec/acceptance/nodesets/centos-65-x64.yml new file mode 100644 index 00000000..4e2cb809 --- /dev/null +++ b/3rdparty/modules/rabbitmq/spec/acceptance/nodesets/centos-65-x64.yml @@ -0,0 +1,10 @@ +HOSTS: + centos-65-x64: + roles: + - master + platform: el-6-x86_64 + box : centos-65-x64-vbox436-nocm + box_url : http://puppet-vagrant-boxes.puppetlabs.com/centos-65-x64-virtualbox-nocm.box + hypervisor : vagrant +CONFIG: + type: foss diff --git a/3rdparty/modules/rabbitmq/spec/acceptance/nodesets/debian-7-x64-vcloud.yml b/3rdparty/modules/rabbitmq/spec/acceptance/nodesets/debian-7-x64-vcloud.yml new file mode 100644 index 00000000..6082c189 --- /dev/null +++ b/3rdparty/modules/rabbitmq/spec/acceptance/nodesets/debian-7-x64-vcloud.yml @@ -0,0 +1,16 @@ +HOSTS: + 'debian-7-vcloud': + roles: + - master + platform: debian-7-x86_64 + hypervisor: vcloud + template: debian-7-x86_64 +CONFIG: + type: foss + ssh: + keys: "~/.ssh/id_rsa-acceptance" + datastore: instance0 + folder: Delivery/Quality Assurance/Enterprise/Dynamic + resourcepool: delivery/Quality Assurance/Enterprise/Dynamic + pooling_api: http://vcloud.delivery.puppetlabs.net/ + diff --git a/3rdparty/modules/rabbitmq/spec/acceptance/nodesets/default.yml b/3rdparty/modules/rabbitmq/spec/acceptance/nodesets/default.yml new file mode 100644 index 00000000..ce47212a --- /dev/null +++ b/3rdparty/modules/rabbitmq/spec/acceptance/nodesets/default.yml @@ -0,0 +1,11 @@ +HOSTS: + centos-64-x64: + roles: + - master + platform: el-6-x86_64 + box : centos-64-x64-vbox4210-nocm + box_url : http://puppet-vagrant-boxes.puppetlabs.com/centos-64-x64-vbox4210-nocm.box + hypervisor : vagrant +CONFIG: + log_level: debug + type: git diff --git a/3rdparty/modules/rabbitmq/spec/acceptance/nodesets/ubuntu-server-10044-x64.yml b/3rdparty/modules/rabbitmq/spec/acceptance/nodesets/ubuntu-server-10044-x64.yml new file mode 100644 index 00000000..5ca1514e --- /dev/null +++ b/3rdparty/modules/rabbitmq/spec/acceptance/nodesets/ubuntu-server-10044-x64.yml @@ -0,0 +1,10 @@ +HOSTS: + ubuntu-server-10044-x64: + roles: + - master + platform: ubuntu-10.04-amd64 + box : ubuntu-server-10044-x64-vbox4210-nocm + box_url : http://puppet-vagrant-boxes.puppetlabs.com/ubuntu-server-10044-x64-vbox4210-nocm.box + hypervisor : vagrant +CONFIG: + type: foss diff --git a/3rdparty/modules/rabbitmq/spec/acceptance/nodesets/ubuntu-server-12042-x64.yml b/3rdparty/modules/rabbitmq/spec/acceptance/nodesets/ubuntu-server-12042-x64.yml new file mode 100644 index 00000000..d065b304 --- /dev/null +++ b/3rdparty/modules/rabbitmq/spec/acceptance/nodesets/ubuntu-server-12042-x64.yml @@ -0,0 +1,10 @@ +HOSTS: + ubuntu-server-12042-x64: + roles: + - master + platform: ubuntu-12.04-amd64 + box : ubuntu-server-12042-x64-vbox4210-nocm + box_url : http://puppet-vagrant-boxes.puppetlabs.com/ubuntu-server-12042-x64-vbox4210-nocm.box + hypervisor : vagrant +CONFIG: + type: foss diff --git a/3rdparty/modules/rabbitmq/spec/acceptance/nodesets/ubuntu-server-1404-x64.yml b/3rdparty/modules/rabbitmq/spec/acceptance/nodesets/ubuntu-server-1404-x64.yml new file mode 100644 index 00000000..cba1cd04 --- /dev/null +++ b/3rdparty/modules/rabbitmq/spec/acceptance/nodesets/ubuntu-server-1404-x64.yml @@ -0,0 +1,11 @@ +HOSTS: + ubuntu-server-1404-x64: + roles: + - master + platform: ubuntu-14.04-amd64 + box : puppetlabs/ubuntu-14.04-64-nocm + box_url : https://vagrantcloud.com/puppetlabs/ubuntu-14.04-64-nocm + hypervisor : vagrant +CONFIG: + log_level : debug + type: git diff --git a/3rdparty/modules/rabbitmq/spec/acceptance/policy_spec.rb b/3rdparty/modules/rabbitmq/spec/acceptance/policy_spec.rb new file mode 100644 index 00000000..26858ecc --- /dev/null +++ b/3rdparty/modules/rabbitmq/spec/acceptance/policy_spec.rb @@ -0,0 +1,47 @@ +require 'spec_helper_acceptance' + +describe 'rabbitmq policy on a vhost:' do + + + context "create policy resource" do + it 'should run successfully' do + pp = <<-EOS + if $::osfamily == 'RedHat' { + class { 'erlang': epel_enable => true } + Class['erlang'] -> Class['::rabbitmq'] + } + class { '::rabbitmq': + service_manage => true, + port => '5672', + delete_guest_user => true, + admin_enable => true, + } -> + + rabbitmq_vhost { 'myhost': + ensure => present, + } -> + + rabbitmq_policy { 'ha-all@myhost': + pattern => '.*', + priority => 0, + applyto => 'all', + definition => { + 'ha-mode' => 'all', + 'ha-sync-mode' => 'automatic', + }, + } + EOS + + apply_manifest(pp, :catch_failures => true) + apply_manifest(pp, :catch_changes => true) + end + + it 'should have the policy' do + shell('rabbitmqctl list_policies -p myhost') do |r| + expect(r.stdout).to match(/myhost.*ha-all.*ha-sync-mode/) + expect(r.exit_code).to be_zero + end + end + + end +end diff --git a/3rdparty/modules/rabbitmq/spec/acceptance/queue_spec.rb b/3rdparty/modules/rabbitmq/spec/acceptance/queue_spec.rb new file mode 100644 index 00000000..a1643a63 --- /dev/null +++ b/3rdparty/modules/rabbitmq/spec/acceptance/queue_spec.rb @@ -0,0 +1,157 @@ +require 'spec_helper_acceptance' + +describe 'rabbitmq binding:' do + + + context "create binding and queue resources when rabbit using default management port" do + it 'should run successfully' do + pp = <<-EOS + if $::osfamily == 'RedHat' { + class { 'erlang': epel_enable => true } + Class['erlang'] -> Class['::rabbitmq'] + } + class { '::rabbitmq': + service_manage => true, + port => '5672', + delete_guest_user => true, + admin_enable => true, + } -> + + rabbitmq_user { 'dan': + admin => true, + password => 'bar', + tags => ['monitoring', 'tag1'], + } -> + + rabbitmq_user_permissions { 'dan@host1': + configure_permission => '.*', + read_permission => '.*', + write_permission => '.*', + } + + rabbitmq_vhost { 'host1': + ensure => present, + } -> + + rabbitmq_exchange { 'exchange1@host1': + user => 'dan', + password => 'bar', + type => 'topic', + ensure => present, + } -> + + rabbitmq_queue { 'queue1@host1': + user => 'dan', + password => 'bar', + durable => true, + auto_delete => false, + ensure => present, + } -> + + rabbitmq_binding { 'exchange1@queue1@host1': + user => 'dan', + password => 'bar', + destination_type => 'queue', + routing_key => '#', + ensure => present, + } + + EOS + + apply_manifest(pp, :catch_failures => true) + apply_manifest(pp, :catch_changes => true) + end + + it 'should have the binding' do + shell('rabbitmqctl list_bindings -q -p host1') do |r| + expect(r.stdout).to match(/exchange1\sexchange\squeue1\squeue\s#/) + expect(r.exit_code).to be_zero + end + end + + it 'should have the queue' do + shell('rabbitmqctl list_queues -q -p host1') do |r| + expect(r.stdout).to match(/queue1/) + expect(r.exit_code).to be_zero + end + end + + end + + context "create binding and queue resources when rabbit using a non-default management port" do + it 'should run successfully' do + pp = <<-EOS + if $::osfamily == 'RedHat' { + class { 'erlang': epel_enable => true } + Class['erlang'] -> Class['::rabbitmq'] + } + class { '::rabbitmq': + service_manage => true, + port => '5672', + management_port => '11111', + delete_guest_user => true, + admin_enable => true, + } -> + + rabbitmq_user { 'dan': + admin => true, + password => 'bar', + tags => ['monitoring', 'tag1'], + } -> + + rabbitmq_user_permissions { 'dan@host2': + configure_permission => '.*', + read_permission => '.*', + write_permission => '.*', + } + + rabbitmq_vhost { 'host2': + ensure => present, + } -> + + rabbitmq_exchange { 'exchange2@host2': + user => 'dan', + password => 'bar', + type => 'topic', + ensure => present, + } -> + + rabbitmq_queue { 'queue2@host2': + user => 'dan', + password => 'bar', + durable => true, + auto_delete => false, + ensure => present, + } -> + + rabbitmq_binding { 'exchange2@queue2@host2': + user => 'dan', + password => 'bar', + destination_type => 'queue', + routing_key => '#', + ensure => present, + } + + EOS + + apply_manifest(pp, :catch_failures => true) + apply_manifest(pp, :catch_changes => true) + end + + it 'should have the binding' do + shell('rabbitmqctl list_bindings -q -p host2') do |r| + expect(r.stdout).to match(/exchange2\sexchange\squeue2\squeue\s#/) + expect(r.exit_code).to be_zero + end + end + + it 'should have the queue' do + shell('rabbitmqctl list_queues -q -p host2') do |r| + expect(r.stdout).to match(/queue2/) + expect(r.exit_code).to be_zero + end + end + + end + +end diff --git a/3rdparty/modules/rabbitmq/spec/acceptance/rabbitmqadmin_spec.rb b/3rdparty/modules/rabbitmq/spec/acceptance/rabbitmqadmin_spec.rb new file mode 100644 index 00000000..e9d619cd --- /dev/null +++ b/3rdparty/modules/rabbitmq/spec/acceptance/rabbitmqadmin_spec.rb @@ -0,0 +1,85 @@ +require 'spec_helper_acceptance' + +describe 'rabbitmq::install::rabbitmqadmin class' do + context 'does nothing if service is unmanaged' do + it 'should run successfully' do + pp = <<-EOS + class { 'rabbitmq': + admin_enable => true, + service_manage => false, + } + if $::osfamily == 'RedHat' { + class { 'erlang': epel_enable => true} + Class['erlang'] -> Class['rabbitmq'] + } + EOS + + shell('rm -f /var/lib/rabbitmq/rabbitmqadmin') + apply_manifest(pp, :catch_failures => true) + end + + describe file('/var/lib/rabbitmq/rabbitmqadmin') do + it { should_not be_file } + end + end + + context 'downloads the cli tools' do + it 'should run successfully' do + pp = <<-EOS + class { 'rabbitmq': + admin_enable => true, + service_manage => true, + } + if $::osfamily == 'RedHat' { + class { 'erlang': epel_enable => true} + Class['erlang'] -> Class['rabbitmq'] + } + EOS + + apply_manifest(pp, :catch_failures => true) + end + + describe file('/var/lib/rabbitmq/rabbitmqadmin') do + it { should be_file } + end + end + + context 'works with specified default credentials' do + it 'should run successfully' do + # make sure credential change takes effect before admin_enable + pp_pre = <<-EOS + class { 'rabbitmq': + service_manage => true, + default_user => 'foobar', + default_pass => 'bazblam', + } + if $::osfamily == 'RedHat' { + class { 'erlang': epel_enable => true} + Class['erlang'] -> Class['rabbitmq'] + } + EOS + + pp = <<-EOS + class { 'rabbitmq': + admin_enable => true, + service_manage => true, + default_user => 'foobar', + default_pass => 'bazblam', + } + if $::osfamily == 'RedHat' { + class { 'erlang': epel_enable => true} + Class['erlang'] -> Class['rabbitmq'] + } + EOS + + shell('rm -f /var/lib/rabbitmq/rabbitmqadmin') + apply_manifest(pp_pre, :catch_failures => true) + apply_manifest(pp, :catch_failures => true) + end + + describe file('/var/lib/rabbitmq/rabbitmqadmin') do + it { should be_file } + end + end + +end diff --git a/3rdparty/modules/rabbitmq/spec/acceptance/server_spec.rb b/3rdparty/modules/rabbitmq/spec/acceptance/server_spec.rb new file mode 100644 index 00000000..d99f995d --- /dev/null +++ b/3rdparty/modules/rabbitmq/spec/acceptance/server_spec.rb @@ -0,0 +1,96 @@ +require 'spec_helper_acceptance' + +describe 'rabbitmq server:' do + case fact('osfamily') + when 'RedHat' + package_name = 'rabbitmq-server' + service_name = 'rabbitmq-server' + when 'SUSE' + package_name = 'rabbitmq-server' + service_name = 'rabbitmq-server' + when 'Debian' + package_name = 'rabbitmq-server' + service_name = 'rabbitmq-server' + when 'Archlinux' + package_name = 'rabbitmq' + service_name = 'rabbitmq' + end + + context "default class inclusion" do + it 'should run successfully' do + pp = <<-EOS + class { 'rabbitmq::server': } + if $::osfamily == 'RedHat' { + class { 'erlang': epel_enable => true} + Class['erlang'] -> Class['rabbitmq::server'] + } + EOS + + # Apply twice to ensure no errors the second time. + apply_manifest(pp, :catch_failures => true) + expect(apply_manifest(pp, :catch_changes => true).exit_code).to be_zero + end + + describe package(package_name) do + it { should be_installed } + end + + describe service(service_name) do + it { should be_enabled } + it { should be_running } + end + end + + context "disable and stop service" do + it 'should run successfully' do + pp = <<-EOS + class { 'rabbitmq::server': + service_ensure => 'stopped', + } + if $::osfamily == 'RedHat' { + class { 'erlang': epel_enable => true} + Class['erlang'] -> Class['rabbitmq::server'] + } + EOS + + apply_manifest(pp, :catch_failures => true) + end + + describe service(service_name) do + it { should_not be_enabled } + it { should_not be_running } + end + end + + context "service is unmanaged" do + it 'should run successfully' do + pp_pre = <<-EOS + class { 'rabbitmq::server': } + if $::osfamily == 'RedHat' { + class { 'erlang': epel_enable => true} + Class['erlang'] -> Class['rabbitmq::server'] + } + EOS + + pp = <<-EOS + class { 'rabbitmq::server': + service_manage => false, + service_ensure => 'stopped', + } + if $::osfamily == 'RedHat' { + class { 'erlang': epel_enable => true} + Class['erlang'] -> Class['rabbitmq::server'] + } + EOS + + + apply_manifest(pp_pre, :catch_failures => true) + apply_manifest(pp, :catch_failures => true) + end + + describe service(service_name) do + it { should be_enabled } + it { should be_running } + end + end +end diff --git a/3rdparty/modules/rabbitmq/spec/acceptance/user_spec.rb b/3rdparty/modules/rabbitmq/spec/acceptance/user_spec.rb new file mode 100644 index 00000000..6aab665a --- /dev/null +++ b/3rdparty/modules/rabbitmq/spec/acceptance/user_spec.rb @@ -0,0 +1,38 @@ +require 'spec_helper_acceptance' + +describe 'rabbitmq user:' do + + + context "create user resource" do + it 'should run successfully' do + pp = <<-EOS + if $::osfamily == 'RedHat' { + class { 'erlang': epel_enable => true } + Class['erlang'] -> Class['::rabbitmq'] + } + class { '::rabbitmq': + service_manage => true, + port => '5672', + delete_guest_user => true, + admin_enable => true, + } -> + + rabbitmq_user { 'dan': + admin => true, + password => 'bar', + } + EOS + + apply_manifest(pp, :catch_failures => true) + apply_manifest(pp, :catch_changes => true) + end + + it 'should have the user' do + shell('rabbitmqctl list_users') do |r| + expect(r.stdout).to match(/dan.*administrator/) + expect(r.exit_code).to be_zero + end + end + + end +end diff --git a/3rdparty/modules/rabbitmq/spec/acceptance/vhost_spec.rb b/3rdparty/modules/rabbitmq/spec/acceptance/vhost_spec.rb new file mode 100644 index 00000000..ef1c2a34 --- /dev/null +++ b/3rdparty/modules/rabbitmq/spec/acceptance/vhost_spec.rb @@ -0,0 +1,37 @@ +require 'spec_helper_acceptance' + +describe 'rabbitmq vhost:' do + + + context "create vhost resource" do + it 'should run successfully' do + pp = <<-EOS + if $::osfamily == 'RedHat' { + class { 'erlang': epel_enable => true } + Class['erlang'] -> Class['::rabbitmq'] + } + class { '::rabbitmq': + service_manage => true, + port => '5672', + delete_guest_user => true, + admin_enable => true, + } -> + + rabbitmq_vhost { 'myhost': + ensure => present, + } + EOS + + apply_manifest(pp, :catch_failures => true) + apply_manifest(pp, :catch_changes => true) + end + + it 'should have the vhost' do + shell('rabbitmqctl list_vhosts') do |r| + expect(r.stdout).to match(/myhost/) + expect(r.exit_code).to be_zero + end + end + + end +end diff --git a/3rdparty/modules/rabbitmq/spec/acceptance/zz281_spec.rb b/3rdparty/modules/rabbitmq/spec/acceptance/zz281_spec.rb new file mode 100644 index 00000000..05e5ef40 --- /dev/null +++ b/3rdparty/modules/rabbitmq/spec/acceptance/zz281_spec.rb @@ -0,0 +1,213 @@ +require 'spec_helper_acceptance' +# +# beacuse of some serious issues with upgrading and downgrading rabbitmq on RedHat, +# we need to run all of the 2.8.1 tests last. +# +# NOTE that this is only tested on RedHat and probably only works there. But I can't seem +# to get 'confine' to work... +# + +describe 'rabbitmq class with 2.8.1:' do + case fact('osfamily') + when 'RedHat' + package_name = 'rabbitmq-server' + service_name = 'rabbitmq-server' + package_source = "http://www.rabbitmq.com/releases/rabbitmq-server/v2.8.1/rabbitmq-server-2.8.1-1.noarch.rpm" + package_ensure = '2.8.1-1' + when 'SUSE' + package_name = 'rabbitmq-server' + service_name = 'rabbitmq-server' + package_source = "http://www.rabbitmq.com/releases/rabbitmq-server/v2.8.1/rabbitmq-server-2.8.1-1.noarch.rpm" + package_ensure = '2.8.1-1' + when 'Debian' + package_name = 'rabbitmq-server' + service_name = 'rabbitmq-server' + package_source = '' + package_ensure = '2.8.1' + when 'Archlinux' + package_name = 'rabbitmq' + service_name = 'rabbitmq' + package_source = '' + package_ensure = '2.8.1' + end + + context "default class inclusion" do + it 'should run successfully' do + pp = <<-EOS + class { 'rabbitmq': + version => '2.8.1-1', + package_source => '#{package_source}', + package_ensure => '#{package_ensure}', + package_provider => 'rpm', + management_port => '55672', + } + if $::osfamily == 'RedHat' { + class { 'erlang': epel_enable => true} + Class['erlang'] -> Class['rabbitmq'] + } + EOS + + # clean up previous 3.x install - can't be ungraded cleanly via RPM + shell('service rabbitmq-server stop') + shell('yum -y erase rabbitmq-server') + shell('rm -Rf /var/lib/rabbitmq/mnesia /etc/rabbitmq /var/lib/rabbitmq/rabbitmqadmin') + # Apply twice to ensure no errors the second time. + apply_manifest(pp, :catch_failures => true) + expect(apply_manifest(pp, :catch_changes => true).exit_code).to be_zero + # DEBUG + shell('netstat -lntp') + end + + describe command('rabbitmqctl status') do + its(:stdout) { should match /{rabbit,"RabbitMQ","2.8.1"}/ } + end + + describe package(package_name) do + it { should be_installed } + end + + describe service(service_name) do + it { should be_enabled } + it { should be_running } + end + end + + context "disable and stop service" do + it 'should run successfully' do + pp = <<-EOS + class { 'rabbitmq': + version => '2.8.1-1', + package_source => '#{package_source}', + package_ensure => '#{package_ensure}', + package_provider => 'rpm', + management_port => '55672', + service_ensure => 'stopped', + admin_enable => false, + } + if $::osfamily == 'RedHat' { + class { 'erlang': epel_enable => true} + Class['erlang'] -> Class['rabbitmq'] + } + EOS + + apply_manifest(pp, :catch_failures => true) + end + + describe service(service_name) do + it { should_not be_enabled } + it { should_not be_running } + end + end + + context "service is unmanaged" do + it 'should run successfully' do + pp_pre = <<-EOS + class { 'rabbitmq': + version => '2.8.1-1', + package_source => '#{package_source}', + package_ensure => '#{package_ensure}', + package_provider => 'rpm', + management_port => '55672', + } + if $::osfamily == 'RedHat' { + class { 'erlang': epel_enable => true} + Class['erlang'] -> Class['rabbitmq'] + } + EOS + + pp = <<-EOS + class { 'rabbitmq': + service_manage => false, + service_ensure => 'stopped', + } + if $::osfamily == 'RedHat' { + class { 'erlang': epel_enable => true} + Class['erlang'] -> Class['rabbitmq'] + } + EOS + + apply_manifest(pp_pre, :catch_failures => true) + apply_manifest(pp, :catch_failures => true) + end + + describe service(service_name) do + it { should be_enabled } + it { should be_running } + end + end + + context 'rabbitmqadmin' do + #confine :to, :platform => 'el-6-x86' + + it 'should run successfully' do + pp = <<-EOS + class { 'rabbitmq': + admin_enable => true, + service_manage => true, + version => '2.8.1-1', + package_source => '#{package_source}', + package_ensure => '#{package_ensure}', + package_provider => 'rpm', + management_port => '55672', + } + if $::osfamily == 'RedHat' { + class { 'erlang': epel_enable => true} + Class['erlang'] -> Class['rabbitmq'] + } + EOS + + shell('rm -f /var/lib/rabbitmq/rabbitmqadmin') + apply_manifest(pp, :catch_failures => true) + end + + # since serverspec (used by beaker-rspec) can only tell present/absent for packages + describe file('/var/lib/rabbitmq/rabbitmqadmin') do + it { should be_file } + end + + describe command('/usr/local/bin/rabbitmqadmin --help') do + its(:exit_status) { should eq 0 } + end + + end + + context 'rabbitmqadmin with specified default credentials' do + + it 'should run successfully' do + # make sure credential change takes effect before admin_enable + pp = <<-EOS + class { 'rabbitmq': + admin_enable => true, + service_manage => true, + version => '2.8.1-1', + package_source => '#{package_source}', + package_ensure => '#{package_ensure}', + package_provider => 'rpm', + management_port => '55672', + default_user => 'foobar', + default_pass => 'bazblam', + } + if $::osfamily == 'RedHat' { + class { 'erlang': epel_enable => true} + Class['erlang'] -> Class['rabbitmq'] + } + EOS + + # next 3 lines - see MODULES-1085 + shell('service rabbitmq-server stop') + shell('rm -Rf /var/lib/rabbitmq/mnesia /var/lib/rabbitmq/rabbitmqadmin') + apply_manifest(pp, :catch_failures => true) + end + + # since serverspec (used by beaker-rspec) can only tell present/absent for packages + describe file('/var/lib/rabbitmq/rabbitmqadmin') do + it { should be_file } + end + + describe command('/usr/local/bin/rabbitmqadmin --help') do + its(:exit_status) { should eq 0 } + end + + end + +end diff --git a/3rdparty/modules/rabbitmq/spec/classes/rabbitmq_spec.rb b/3rdparty/modules/rabbitmq/spec/classes/rabbitmq_spec.rb new file mode 100644 index 00000000..675a8759 --- /dev/null +++ b/3rdparty/modules/rabbitmq/spec/classes/rabbitmq_spec.rb @@ -0,0 +1,1099 @@ +require 'spec_helper' + +describe 'rabbitmq' do + + context 'on unsupported distributions' do + let(:facts) {{ :osfamily => 'Unsupported' }} + + it 'we fail' do + expect { catalogue }.to raise_error(Puppet::Error, /not supported on an Unsupported/) + end + end + + context 'on Debian' do + let(:facts) {{ :osfamily => 'Debian', :lsbdistid => 'Debian', :lsbdistcodename => 'squeeze' }} + it 'includes rabbitmq::repo::apt' do + should contain_class('rabbitmq::repo::apt') + end + + describe 'apt::source default values' do + it 'should add a repo with defaults values' do + should contain_apt__source('rabbitmq').with( { + :ensure => 'present', + :location => 'http://www.rabbitmq.com/debian/', + :release => 'testing', + :repos => 'main', + }) + end + end + end + + context 'on Debian' do + let(:params) {{ :manage_repos => false }} + let(:facts) {{ :osfamily => 'Debian', :lsbdistid => 'Debian', :lsbdistcodename => 'squeeze' }} + it 'does ensure rabbitmq apt::source is absent when manage_repos is false' do + should_not contain_apt__source('rabbitmq') + end + end + + context 'on Debian' do + let(:params) {{ :manage_repos => true }} + let(:facts) {{ :osfamily => 'Debian', :lsbdistid => 'Debian', :lsbdistcodename => 'squeeze' }} + + it 'includes rabbitmq::repo::apt' do + should contain_class('rabbitmq::repo::apt') + end + + describe 'apt::source default values' do + it 'should add a repo with defaults values' do + should contain_apt__source('rabbitmq').with( { + :ensure => 'present', + :location => 'http://www.rabbitmq.com/debian/', + :release => 'testing', + :repos => 'main', + }) + end + end + end + + context 'on Debian' do + let(:params) {{ :repos_ensure => false }} + let(:facts) {{ :osfamily => 'Debian', :lsbdistid => 'Debian', :lsbdistcodename => 'squeeze' }} + it 'does ensure rabbitmq apt::source is absent when repos_ensure is false' do + should contain_apt__source('rabbitmq').with( + 'ensure' => 'absent' + ) + end + end + + context 'on Debian' do + let(:params) {{ :repos_ensure => true }} + let(:facts) {{ :osfamily => 'Debian', :lsbdistid => 'Debian', :lsbdistcodename => 'squeeze' }} + + it 'includes rabbitmq::repo::apt' do + should contain_class('rabbitmq::repo::apt') + end + + describe 'apt::source default values' do + it 'should add a repo with defaults values' do + should contain_apt__source('rabbitmq').with( { + :ensure => 'present', + :location => 'http://www.rabbitmq.com/debian/', + :release => 'testing', + :repos => 'main', + }) + end + end + end + + context 'on Debian' do + let(:params) {{ :manage_repos => true, :repos_ensure => false }} + let(:facts) {{ :osfamily => 'Debian', :lsbdistid => 'Debian', :lsbdistcodename => 'squeeze' }} + + it 'includes rabbitmq::repo::apt' do + should contain_class('rabbitmq::repo::apt') + end + + describe 'apt::source default values' do + it 'should add a repo with defaults values' do + should contain_apt__source('rabbitmq').with( { + :ensure => 'absent', + }) + end + end + end + + context 'on Debian' do + let(:params) {{ :manage_repos => true, :repos_ensure => true }} + let(:facts) {{ :osfamily => 'Debian', :lsbdistid => 'Debian', :lsbdistcodename => 'squeeze' }} + + it 'includes rabbitmq::repo::apt' do + should contain_class('rabbitmq::repo::apt') + end + + describe 'apt::source default values' do + it 'should add a repo with defaults values' do + should contain_apt__source('rabbitmq').with( { + :ensure => 'present', + :location => 'http://www.rabbitmq.com/debian/', + :release => 'testing', + :repos => 'main', + }) + end + end + end + + context 'on Debian' do + let(:params) {{ :manage_repos => false, :repos_ensure => true }} + let(:facts) {{ :osfamily => 'Debian', :lsbdistid => 'Debian', :lsbdistcodename => 'squeeze' }} + it 'does ensure rabbitmq apt::source is absent when manage_repos is false and repos_ensure is true' do + should_not contain_apt__source('rabbitmq') + end + end + + context 'on Debian' do + let(:facts) {{ :osfamily => 'Debian', :lsbdistid => 'Debian', :lsbdistcodename => 'squeeze' }} + context 'with manage_repos => false and repos_ensure => false' do + let(:params) {{ :manage_repos => false, :repos_ensure => false }} + it 'does ensure rabbitmq apt::source is absent when manage_repos is false and repos_ensure is false' do + should_not contain_apt__source('rabbitmq') + end + end + + context 'with file_limit => unlimited' do + let(:params) {{ :file_limit => 'unlimited' }} + it { should contain_file('/etc/default/rabbitmq-server').with_content(/ulimit -n unlimited/) } + end + + context 'with file_limit => infinity' do + let(:params) {{ :file_limit => 'infinity' }} + it { should contain_file('/etc/default/rabbitmq-server').with_content(/ulimit -n infinity/) } + end + + context 'with file_limit => -1' do + let(:params) {{ :file_limit => -1 }} + it { should contain_file('/etc/default/rabbitmq-server').with_content(/ulimit -n -1/) } + end + + context 'with file_limit => \'1234\'' do + let(:params) {{ :file_limit => '1234' }} + it { should contain_file('/etc/default/rabbitmq-server').with_content(/ulimit -n 1234/) } + end + + context 'with file_limit => foo' do + let(:params) {{ :file_limit => 'foo' }} + it 'does not compile' do + expect { catalogue }.to raise_error(Puppet::Error, /\$file_limit must be an integer, 'unlimited', or 'infinity'/) + end + end + end + + context 'on Redhat' do + let(:facts) {{ :osfamily => 'RedHat' }} + it 'includes rabbitmq::repo::rhel' do + should contain_class('rabbitmq::repo::rhel') + should contain_exec('rpm --import http://www.rabbitmq.com/rabbitmq-signing-key-public.asc') + end + end + + context 'on Redhat' do + let(:params) {{ :repos_ensure => false }} + let(:facts) {{ :osfamily => 'RedHat' }} + it 'does not import repo public key when repos_ensure is false' do + should contain_class('rabbitmq::repo::rhel') + should_not contain_exec('rpm --import http://www.rabbitmq.com/rabbitmq-signing-key-public.asc') + end + end + + context 'on Redhat' do + let(:params) {{ :repos_ensure => true }} + let(:facts) {{ :osfamily => 'RedHat' }} + it 'does import repo public key when repos_ensure is true' do + should contain_class('rabbitmq::repo::rhel') + should contain_exec('rpm --import http://www.rabbitmq.com/rabbitmq-signing-key-public.asc') + end + end + + context 'on Redhat' do + let(:params) {{ :manage_repos => false }} + let(:facts) {{ :osfamily => 'RedHat' }} + it 'does not import repo public key when manage_repos is false' do + should_not contain_class('rabbitmq::repo::rhel') + should_not contain_exec('rpm --import http://www.rabbitmq.com/rabbitmq-signing-key-public.asc') + end + end + + context 'on Redhat' do + let(:params) {{ :manage_repos => true }} + let(:facts) {{ :osfamily => 'RedHat' }} + it 'does import repo public key when manage_repos is true' do + should contain_class('rabbitmq::repo::rhel') + should contain_exec('rpm --import http://www.rabbitmq.com/rabbitmq-signing-key-public.asc') + end + end + + context 'on Redhat' do + let(:params) {{ :manage_repos => false, :repos_ensure => true }} + let(:facts) {{ :osfamily => 'RedHat' }} + it 'does not import repo public key when manage_repos is false and repos_ensure is true' do + should_not contain_class('rabbitmq::repo::rhel') + should_not contain_exec('rpm --import http://www.rabbitmq.com/rabbitmq-signing-key-public.asc') + end + end + + context 'on Redhat' do + let(:params) {{ :manage_repos => true, :repos_ensure => true }} + let(:facts) {{ :osfamily => 'RedHat' }} + it 'does import repo public key when manage_repos is true and repos_ensure is true' do + should contain_class('rabbitmq::repo::rhel') + should contain_exec('rpm --import http://www.rabbitmq.com/rabbitmq-signing-key-public.asc') + end + end + + context 'on Redhat' do + let(:params) {{ :manage_repos => false, :repos_ensure => false }} + let(:facts) {{ :osfamily => 'RedHat' }} + it 'does not import repo public key when manage_repos is false and repos_ensure is false' do + should_not contain_class('rabbitmq::repo::rhel') + should_not contain_exec('rpm --import http://www.rabbitmq.com/rabbitmq-signing-key-public.asc') + end + end + + context 'on Redhat' do + let(:params) {{ :manage_repos => true, :repos_ensure => false }} + let(:facts) {{ :osfamily => 'RedHat' }} + it 'does not import repo public key when manage_repos is true and repos_ensure is false' do + should contain_class('rabbitmq::repo::rhel') + should_not contain_exec('rpm --import http://www.rabbitmq.com/rabbitmq-signing-key-public.asc') + end + end + + context 'on RedHat 7.0 or more' do + let(:facts) {{ :osfamily => 'RedHat', :operatingsystemmajrelease => '7' }} + + it { should contain_file('/etc/systemd/system/rabbitmq-server.service.d').with( + 'ensure' => 'directory', + 'owner' => '0', + 'group' => '0', + 'mode' => '0755', + 'selinux_ignore_defaults' => true + ) } + + it { should contain_exec('rabbitmq-systemd-reload').with( + 'command' => '/usr/bin/systemctl daemon-reload', + 'notify' => 'Class[Rabbitmq::Service]', + 'refreshonly' => true + ) } + context 'with file_limit => unlimited' do + let(:params) {{ :file_limit => 'unlimited' }} + it { should contain_file('/etc/systemd/system/rabbitmq-server.service.d/limits.conf').with( + 'owner' => '0', + 'group' => '0', + 'mode' => '0644', + 'notify' => 'Exec[rabbitmq-systemd-reload]', + 'content' => '[Service] +LimitNOFILE=unlimited +' + ) } + end + + context 'with file_limit => infinity' do + let(:params) {{ :file_limit => 'infinity' }} + it { should contain_file('/etc/systemd/system/rabbitmq-server.service.d/limits.conf').with( + 'owner' => '0', + 'group' => '0', + 'mode' => '0644', + 'notify' => 'Exec[rabbitmq-systemd-reload]', + 'content' => '[Service] +LimitNOFILE=infinity +' + ) } + end + + context 'with file_limit => -1' do + let(:params) {{ :file_limit => -1 }} + it { should contain_file('/etc/systemd/system/rabbitmq-server.service.d/limits.conf').with( + 'owner' => '0', + 'group' => '0', + 'mode' => '0644', + 'notify' => 'Exec[rabbitmq-systemd-reload]', + 'content' => '[Service] +LimitNOFILE=-1 +' + ) } + end + + context 'with file_limit => \'1234\'' do + let(:params) {{ :file_limit => '1234' }} + it { should contain_file('/etc/systemd/system/rabbitmq-server.service.d/limits.conf').with( + 'owner' => '0', + 'group' => '0', + 'mode' => '0644', + 'notify' => 'Exec[rabbitmq-systemd-reload]', + 'content' => '[Service] +LimitNOFILE=1234 +' + ) } + end + + context 'with file_limit => foo' do + let(:params) {{ :file_limit => 'foo' }} + it 'does not compile' do + expect { catalogue }.to raise_error(Puppet::Error, /\$file_limit must be an integer, 'unlimited', or 'infinity'/) + end + end + end + + context 'on RedHat before 7.0' do + let(:facts) {{ :osfamily => 'RedHat', :operatingsystemmajrelease => '6' }} + + context 'with file_limit => unlimited' do + let(:params) {{ :file_limit => 'unlimited' }} + it { should contain_file('/etc/security/limits.d/rabbitmq-server.conf').with( + 'owner' => '0', + 'group' => '0', + 'mode' => '0644', + 'notify' => 'Class[Rabbitmq::Service]', + 'content' => 'rabbitmq soft nofile unlimited +rabbitmq hard nofile unlimited +' + ) } + end + + context 'with file_limit => infinity' do + let(:params) {{ :file_limit => 'infinity' }} + it { should contain_file('/etc/security/limits.d/rabbitmq-server.conf').with( + 'owner' => '0', + 'group' => '0', + 'mode' => '0644', + 'notify' => 'Class[Rabbitmq::Service]', + 'content' => 'rabbitmq soft nofile infinity +rabbitmq hard nofile infinity +' + ) } + end + + context 'with file_limit => -1' do + let(:params) {{ :file_limit => -1 }} + it { should contain_file('/etc/security/limits.d/rabbitmq-server.conf').with( + 'owner' => '0', + 'group' => '0', + 'mode' => '0644', + 'notify' => 'Class[Rabbitmq::Service]', + 'content' => 'rabbitmq soft nofile -1 +rabbitmq hard nofile -1 +' + ) } + end + + context 'with file_limit => \'1234\'' do + let(:params) {{ :file_limit => '1234' }} + it { should contain_file('/etc/security/limits.d/rabbitmq-server.conf').with( + 'owner' => '0', + 'group' => '0', + 'mode' => '0644', + 'notify' => 'Class[Rabbitmq::Service]', + 'content' => 'rabbitmq soft nofile 1234 +rabbitmq hard nofile 1234 +' + ) } + end + + context 'with file_limit => foo' do + let(:params) {{ :file_limit => 'foo' }} + it 'does not compile' do + expect { catalogue }.to raise_error(Puppet::Error, /\$file_limit must be an integer, 'unlimited', or 'infinity'/) + end + end + end + + ['Debian', 'RedHat', 'SUSE', 'Archlinux'].each do |distro| + context "on #{distro}" do + let(:facts) {{ + :osfamily => distro, + :lsbdistcodename => 'squeeze', + :lsbdistid => 'Debian' + }} + + it { should contain_class('rabbitmq::install') } + it { should contain_class('rabbitmq::config') } + it { should contain_class('rabbitmq::service') } + + context 'with admin_enable set to true' do + let(:params) {{ :admin_enable => true }} + context 'with service_manage set to true' do + it 'we enable the admin interface by default' do + should contain_class('rabbitmq::install::rabbitmqadmin') + should contain_rabbitmq_plugin('rabbitmq_management').with( + 'require' => 'Class[Rabbitmq::Install]', + 'notify' => 'Class[Rabbitmq::Service]' + ) + should contain_staging__file('rabbitmqadmin').with_source("http://guest:guest@localhost:15672/cli/rabbitmqadmin") + end + end + context 'with service_manage set to true and default user/pass specified' do + let(:params) {{ :admin_enable => true, :default_user => 'foobar', :default_pass => 'hunter2' }} + it 'we use the correct URL to rabbitmqadmin' do + should contain_staging__file('rabbitmqadmin').with_source("http://foobar:hunter2@localhost:15672/cli/rabbitmqadmin") + end + end + context 'with service_manage set to true and management port specified' do + # note that the 2.x management port is 55672 not 15672 + let(:params) {{ :admin_enable => true, :management_port => '55672' }} + it 'we use the correct URL to rabbitmqadmin' do + should contain_staging__file('rabbitmqadmin').with_source("http://guest:guest@localhost:55672/cli/rabbitmqadmin") + end + end + context 'with service_manage set to false' do + let(:params) {{ :admin_enable => true, :service_manage => false }} + it 'should do nothing' do + should_not contain_class('rabbitmq::install::rabbitmqadmin') + should_not contain_rabbitmq_plugin('rabbitmq_management') + end + end + end + + describe 'manages configuration directory correctly' do + it { should contain_file('/etc/rabbitmq').with( + 'ensure' => 'directory' + )} + end + + describe 'manages configuration file correctly' do + it { should contain_file('rabbitmq.config') } + end + + context 'configures config_cluster' do + let(:facts) {{ :osfamily => distro, :lsbdistid => 'Debian' }} + let(:params) {{ + :config_cluster => true, + :cluster_nodes => ['hare-1', 'hare-2'], + :cluster_node_type => 'ram', + :wipe_db_on_cookie_change => false + }} + + describe 'with defaults' do + it 'fails' do + expect { catalogue }.to raise_error(Puppet::Error, /You must set the \$erlang_cookie value/) + end + end + + describe 'with erlang_cookie set' do + let(:params) {{ + :config_cluster => true, + :cluster_nodes => ['hare-1', 'hare-2'], + :cluster_node_type => 'ram', + :erlang_cookie => 'TESTCOOKIE', + :wipe_db_on_cookie_change => true + }} + it 'contains the rabbitmq_erlang_cookie' do + should contain_rabbitmq_erlang_cookie('/var/lib/rabbitmq/.erlang.cookie') + end + end + + describe 'and sets appropriate configuration' do + let(:params) {{ + :config_cluster => true, + :cluster_nodes => ['hare-1', 'hare-2'], + :cluster_node_type => 'ram', + :erlang_cookie => 'ORIGINAL', + :wipe_db_on_cookie_change => true + }} + it 'for cluster_nodes' do + should contain_file('rabbitmq.config').with({ + 'content' => /cluster_nodes.*\['rabbit@hare-1', 'rabbit@hare-2'\], ram/, + }) + end + + end + end + + describe 'rabbitmq-env configuration' do + let(:params) {{ :environment_variables => { + 'NODE_IP_ADDRESS' => '1.1.1.1', + 'NODE_PORT' => '5656', + 'NODENAME' => 'HOSTNAME', + 'SERVICENAME' => 'RabbitMQ', + 'CONSOLE_LOG' => 'RabbitMQ.debug', + 'CTL_ERL_ARGS' => 'verbose', + 'SERVER_ERL_ARGS' => 'v', + 'SERVER_START_ARGS' => 'debug' + }}} + it 'should set environment variables' do + should contain_file('rabbitmq-env.config') \ + .with_content(/NODE_IP_ADDRESS=1.1.1.1/) \ + .with_content(/NODE_PORT=5656/) \ + .with_content(/NODENAME=HOSTNAME/) \ + .with_content(/SERVICENAME=RabbitMQ/) \ + .with_content(/CONSOLE_LOG=RabbitMQ.debug/) \ + .with_content(/CTL_ERL_ARGS=verbose/) \ + .with_content(/SERVER_ERL_ARGS=v/) \ + .with_content(/SERVER_START_ARGS=debug/) + end + end + + context 'delete_guest_user' do + describe 'should do nothing by default' do + it { should_not contain_rabbitmq_user('guest') } + end + + describe 'delete user when delete_guest_user set' do + let(:params) {{ :delete_guest_user => true }} + it 'removes the user' do + should contain_rabbitmq_user('guest').with( + 'ensure' => 'absent', + 'provider' => 'rabbitmqctl' + ) + end + end + end + + context 'configuration setting' do + describe 'node_ip_address when set' do + let(:params) {{ :node_ip_address => '172.0.0.1' }} + it 'should set NODE_IP_ADDRESS to specified value' do + should contain_file('rabbitmq-env.config'). + with_content(%r{NODE_IP_ADDRESS=172\.0\.0\.1}) + end + end + + describe 'stomp by default' do + it 'should not specify stomp parameters in rabbitmq.config' do + should contain_file('rabbitmq.config').without({ + 'content' => /stomp/,}) + end + end + describe 'stomp when set' do + let(:params) {{ :config_stomp => true, :stomp_port => 5679 }} + it 'should specify stomp port in rabbitmq.config' do + should contain_file('rabbitmq.config').with({ + 'content' => /rabbitmq_stomp.*tcp_listeners, \[5679\]/m, + }) + end + end + describe 'stomp when set ssl port w/o ssl enabled' do + let(:params) {{ :config_stomp => true, :stomp_port => 5679, :ssl => false, :ssl_stomp_port => 5680 }} + it 'should not configure ssl_listeners in rabbitmq.config' do + should contain_file('rabbitmq.config').without({ + 'content' => /rabbitmq_stomp.*ssl_listeners, \[5680\]/m, + }) + end + end + describe 'stomp when set with ssl' do + let(:params) {{ :config_stomp => true, :stomp_port => 5679, :ssl => true, :ssl_stomp_port => 5680 }} + it 'should specify stomp port and ssl stomp port in rabbitmq.config' do + should contain_file('rabbitmq.config').with({ + 'content' => /rabbitmq_stomp.*tcp_listeners, \[5679\].*ssl_listeners, \[5680\]/m, + }) + end + end + end + + describe 'configuring ldap authentication' do + let :params do + { :config_stomp => true, + :ldap_auth => true, + :ldap_server => 'ldap.example.com', + :ldap_user_dn_pattern => 'ou=users,dc=example,dc=com', + :ldap_other_bind => 'as_user', + :ldap_use_ssl => false, + :ldap_port => '389', + :ldap_log => true, + :ldap_config_variables => { 'foo' => 'bar' } + } + end + + it { should contain_rabbitmq_plugin('rabbitmq_auth_backend_ldap') } + + it 'should contain ldap parameters' do + verify_contents(catalogue, 'rabbitmq.config', + ['[', ' {rabbit, [', ' {auth_backends, [rabbit_auth_backend_internal, rabbit_auth_backend_ldap]},', ' ]}', + ' {rabbitmq_auth_backend_ldap, [', ' {other_bind, as_user},', + ' {servers, ["ldap.example.com"]},', + ' {user_dn_pattern, "ou=users,dc=example,dc=com"},', ' {use_ssl, false},', + ' {port, 389},', ' {foo, bar},', ' {log, true}']) + end + end + + describe 'configuring ldap authentication' do + let :params do + { :config_stomp => false, + :ldap_auth => true, + :ldap_server => 'ldap.example.com', + :ldap_user_dn_pattern => 'ou=users,dc=example,dc=com', + :ldap_other_bind => 'as_user', + :ldap_use_ssl => false, + :ldap_port => '389', + :ldap_log => true, + :ldap_config_variables => { 'foo' => 'bar' } + } + end + + it { should contain_rabbitmq_plugin('rabbitmq_auth_backend_ldap') } + + it 'should contain ldap parameters' do + verify_contents(catalogue, 'rabbitmq.config', + ['[', ' {rabbit, [', ' {auth_backends, [rabbit_auth_backend_internal, rabbit_auth_backend_ldap]},', ' ]}', + ' {rabbitmq_auth_backend_ldap, [', ' {other_bind, as_user},', + ' {servers, ["ldap.example.com"]},', + ' {user_dn_pattern, "ou=users,dc=example,dc=com"},', ' {use_ssl, false},', + ' {port, 389},', ' {foo, bar},', ' {log, true}']) + end + end + + describe 'default_user and default_pass set' do + let(:params) {{ :default_user => 'foo', :default_pass => 'bar' }} + it 'should set default_user and default_pass to specified values' do + should contain_file('rabbitmq.config').with({ + 'content' => /default_user, <<"foo">>.*default_pass, <<"bar">>/m, + }) + end + end + + describe 'interfaces option with no ssl' do + let(:params) { + { :interface => '0.0.0.0', + } } + + it 'should set ssl options to specified values' do + should contain_file('rabbitmq.config').with_content(%r{tcp_listeners, \[\{"0.0.0.0", 5672\}\]}) + end + end + + describe 'ssl options' do + let(:params) { + { :ssl => true, + :ssl_port => 3141, + :ssl_cacert => '/path/to/cacert', + :ssl_cert => '/path/to/cert', + :ssl_key => '/path/to/key' + } } + + it 'should set ssl options to specified values' do + should contain_file('rabbitmq.config').with_content( + %r{ssl_listeners, \[3141\]} + ) + should contain_file('rabbitmq.config').with_content( + %r{ssl_options, \[} + ) + should contain_file('rabbitmq.config').with_content( + %r{cacertfile,"/path/to/cacert"} + ) + should contain_file('rabbitmq.config').with_content( + %r{certfile,"/path/to/cert"} + ) + should contain_file('rabbitmq.config').with_content( + %r{keyfile,"/path/to/key"} + ) + end + end + + + describe 'ssl options with ssl_interfaces' do + let(:params) { + { :ssl => true, + :ssl_port => 3141, + :ssl_interface => '0.0.0.0', + :ssl_cacert => '/path/to/cacert', + :ssl_cert => '/path/to/cert', + :ssl_key => '/path/to/key' + } } + + it 'should set ssl options to specified values' do + should contain_file('rabbitmq.config').with_content(%r{ssl_listeners, \[\{"0.0.0.0", 3141\}\]}) + should contain_file('rabbitmq.config').with_content(%r{cacertfile,"/path/to/cacert"}) + should contain_file('rabbitmq.config').with_content(%r{certfile,"/path/to/cert"}) + should contain_file('rabbitmq.config').with_content(%r{keyfile,"/path/to/key}) + end + end + + + + describe 'ssl options with ssl_only' do + let(:params) { + { :ssl => true, + :ssl_only => true, + :ssl_port => 3141, + :ssl_cacert => '/path/to/cacert', + :ssl_cert => '/path/to/cert', + :ssl_key => '/path/to/key' + } } + + it 'should set ssl options to specified values' do + should contain_file('rabbitmq.config').with_content(%r{tcp_listeners, \[\]}) + should contain_file('rabbitmq.config').with_content(%r{ssl_listeners, \[3141\]}) + should contain_file('rabbitmq.config').with_content(%r{ssl_options, \[}) + should contain_file('rabbitmq.config').with_content(%r{cacertfile,"/path/to/cacert"}) + should contain_file('rabbitmq.config').with_content(%r{certfile,"/path/to/cert"}) + should contain_file('rabbitmq.config').with_content(%r{keyfile,"/path/to/key}) + end + end + + describe 'ssl options with ssl_only and ssl_interfaces' do + let(:params) { + { :ssl => true, + :ssl_only => true, + :ssl_port => 3141, + :ssl_interface => '0.0.0.0', + :ssl_cacert => '/path/to/cacert', + :ssl_cert => '/path/to/cert', + :ssl_key => '/path/to/key' + } } + + it 'should set ssl options to specified values' do + should contain_file('rabbitmq.config').with_content(%r{tcp_listeners, \[\]}) + should contain_file('rabbitmq.config').with_content(%r{ssl_listeners, \[\{"0.0.0.0", 3141\}\]}) + should contain_file('rabbitmq.config').with_content(%r{cacertfile,"/path/to/cacert"}) + should contain_file('rabbitmq.config').with_content(%r{certfile,"/path/to/cert"}) + should contain_file('rabbitmq.config').with_content(%r{keyfile,"/path/to/key}) + end + end + + describe 'ssl options with specific ssl versions' do + let(:params) { + { :ssl => true, + :ssl_port => 3141, + :ssl_cacert => '/path/to/cacert', + :ssl_cert => '/path/to/cert', + :ssl_key => '/path/to/key', + :ssl_versions => ['tlsv1.2', 'tlsv1.1'] + } } + + it 'should set ssl options to specified values' do + should contain_file('rabbitmq.config').with_content(%r{ssl_listeners, \[3141\]}) + should contain_file('rabbitmq.config').with_content(%r{ssl_options, \[}) + should contain_file('rabbitmq.config').with_content(%r{cacertfile,"/path/to/cacert"}) + should contain_file('rabbitmq.config').with_content(%r{certfile,"/path/to/cert"}) + should contain_file('rabbitmq.config').with_content(%r{keyfile,"/path/to/key}) + should contain_file('rabbitmq.config').with_content(%r{ssl, \[\{versions, \['tlsv1.1', 'tlsv1.2'\]\}\]}) + should contain_file('rabbitmq.config').with_content(%r{versions, \['tlsv1.1', 'tlsv1.2'\]}) + end + end + + describe 'ssl options with invalid ssl_versions type' do + let(:params) { + { :ssl => true, + :ssl_port => 3141, + :ssl_cacert => '/path/to/cacert', + :ssl_cert => '/path/to/cert', + :ssl_key => '/path/to/key', + :ssl_versions => 'tlsv1.2, tlsv1.1' + } } + + it 'fails' do + expect { catalogue }.to raise_error(Puppet::Error, /is not an Array/) + end + end + + describe 'ssl options with ssl_versions and not ssl' do + let(:params) { + { :ssl => false, + :ssl_port => 3141, + :ssl_cacert => '/path/to/cacert', + :ssl_cert => '/path/to/cert', + :ssl_key => '/path/to/key', + :ssl_versions => ['tlsv1.2', 'tlsv1.1'] + } } + + it 'fails' do + expect { catalogue }.to raise_error(Puppet::Error, /\$ssl_versions requires that \$ssl => true/) + end + end + + describe 'ssl options with ssl ciphers' do + let(:params) { + { :ssl => true, + :ssl_port => 3141, + :ssl_cacert => '/path/to/cacert', + :ssl_cert => '/path/to/cert', + :ssl_key => '/path/to/key', + :ssl_ciphers => ['ecdhe_rsa,aes_256_cbc,sha', 'dhe_rsa,aes_256_cbc,sha'] + } } + + it 'should set ssl ciphers to specified values' do + should contain_file('rabbitmq.config').with_content(%r{ciphers,\[[[:space:]]+{dhe_rsa,aes_256_cbc,sha},[[:space:]]+{ecdhe_rsa,aes_256_cbc,sha}[[:space:]]+\]}) + end + end + + describe 'ssl admin options with specific ssl versions' do + let(:params) { + { :ssl => true, + :ssl_management_port => 5926, + :ssl_cacert => '/path/to/cacert', + :ssl_cert => '/path/to/cert', + :ssl_key => '/path/to/key', + :ssl_versions => ['tlsv1.2', 'tlsv1.1'], + :admin_enable => true + } } + + it 'should set admin ssl opts to specified values' do + should contain_file('rabbitmq.config').with_content(%r{rabbitmq_management, \[}) + should contain_file('rabbitmq.config').with_content(%r{listener, \[}) + should contain_file('rabbitmq.config').with_content(%r{port, 5926\}}) + should contain_file('rabbitmq.config').with_content(%r{ssl, true\}}) + should contain_file('rabbitmq.config').with_content(%r{ssl_opts, \[\{cacertfile, "/path/to/cacert"\},}) + should contain_file('rabbitmq.config').with_content(%r{certfile, "/path/to/cert"\},}) + should contain_file('rabbitmq.config').with_content(%r{keyfile, "/path/to/key"\}}) + should contain_file('rabbitmq.config').with_content(%r{,\{versions, \['tlsv1.1', 'tlsv1.2'\]\}[\r\n ]*\]\}}) + end + end + + describe 'ssl admin options' do + let(:params) { + { :ssl => true, + :ssl_management_port => 3141, + :ssl_cacert => '/path/to/cacert', + :ssl_cert => '/path/to/cert', + :ssl_key => '/path/to/key', + :admin_enable => true + } } + + it 'should set rabbitmq_management ssl options to specified values' do + should contain_file('rabbitmq.config').with_content(%r{rabbitmq_management, \[}) + should contain_file('rabbitmq.config').with_content(%r{listener, \[}) + should contain_file('rabbitmq.config').with_content(%r{port, 3141\}}) + should contain_file('rabbitmq.config').with_content(%r{ssl, true\}}) + should contain_file('rabbitmq.config').with_content(%r{ssl_opts, \[\{cacertfile, "/path/to/cacert"\},}) + should contain_file('rabbitmq.config').with_content(%r{certfile, "/path/to/cert"\},}) + should contain_file('rabbitmq.config').with_content(%r{keyfile, "/path/to/key"\}[\r\n ]*\]\}}) + end + end + + describe 'admin without ssl' do + let(:params) { + { :ssl => false, + :management_port => 3141, + :admin_enable => true + } } + + it 'should set rabbitmq_management options to specified values' do + should contain_file('rabbitmq.config').with_content(%r{rabbitmq_management, \[}) + should contain_file('rabbitmq.config').with_content(%r{listener, \[}) + should contain_file('rabbitmq.config').with_content(%r{port, 3141\}}) + end + end + + describe 'ssl admin options' do + let(:params) { + { :ssl => true, + :ssl_management_port => 3141, + :ssl_cacert => '/path/to/cacert', + :ssl_cert => '/path/to/cert', + :ssl_key => '/path/to/key', + :admin_enable => true + } } + + it 'should set rabbitmq_management ssl options to specified values' do + should contain_file('rabbitmq.config').with_content(%r{rabbitmq_management, \[}) + should contain_file('rabbitmq.config').with_content(%r{listener, \[}) + should contain_file('rabbitmq.config').with_content(%r{port, 3141\},}) + should contain_file('rabbitmq.config').with_content(%r{ssl, true\},}) + should contain_file('rabbitmq.config').with_content(%r{ssl_opts, \[\{cacertfile, "/path/to/cacert"\},}) + should contain_file('rabbitmq.config').with_content(%r{certfile, "/path/to/cert"\},}) + should contain_file('rabbitmq.config').with_content(%r{keyfile, "/path/to/key"\}[\r\n ]*\]\}}) + end + end + + describe 'admin without ssl' do + let(:params) { + { :ssl => false, + :management_port => 3141, + :admin_enable => true + } } + + it 'should set rabbitmq_management options to specified values' do + should contain_file('rabbitmq.config') \ + .with_content(/\{rabbitmq_management, \[/) \ + .with_content(/\{listener, \[/) \ + .with_content(/\{port, 3141\}/) + end + end + + describe 'config_variables options' do + let(:params) {{ :config_variables => { + 'hipe_compile' => true, + 'vm_memory_high_watermark' => 0.4, + 'frame_max' => 131072, + 'collect_statistics' => "none", + 'auth_mechanisms' => "['PLAIN', 'AMQPLAIN']", + }}} + it 'should set environment variables' do + should contain_file('rabbitmq.config') \ + .with_content(/\{hipe_compile, true\}/) \ + .with_content(/\{vm_memory_high_watermark, 0.4\}/) \ + .with_content(/\{frame_max, 131072\}/) \ + .with_content(/\{collect_statistics, none\}/) \ + .with_content(/\{auth_mechanisms, \['PLAIN', 'AMQPLAIN'\]\}/) + end + end + + describe 'config_kernel_variables options' do + let(:params) {{ :config_kernel_variables => { + 'inet_dist_listen_min' => 9100, + 'inet_dist_listen_max' => 9105, + }}} + it 'should set config variables' do + should contain_file('rabbitmq.config') \ + .with_content(/\{inet_dist_listen_min, 9100\}/) \ + .with_content(/\{inet_dist_listen_max, 9105\}/) + end + end + + describe 'tcp_keepalive enabled' do + let(:params) {{ :tcp_keepalive => true }} + it 'should set tcp_listen_options keepalive true' do + should contain_file('rabbitmq.config') \ + .with_content(/\{tcp_listen_options, \[\{keepalive, true\}\]\},/) + end + end + + describe 'tcp_keepalive disabled (default)' do + it 'should not set tcp_listen_options' do + should contain_file('rabbitmq.config') \ + .without_content(/\{tcp_listen_options, \[\{keepalive, true\}\]\},/) + end + end + + describe 'non-bool tcp_keepalive parameter' do + let :params do + { :tcp_keepalive => 'string' } + end + + it 'should raise an error' do + expect { + should contain_file('rabbitmq.config') + }.to raise_error(Puppet::Error, /is not a boolean/) + end + end + + context 'delete_guest_user' do + describe 'should do nothing by default' do + it { should_not contain_rabbitmq_user('guest') } + end + + describe 'delete user when delete_guest_user set' do + let(:params) {{ :delete_guest_user => true }} + it 'removes the user' do + should contain_rabbitmq_user('guest').with( + 'ensure' => 'absent', + 'provider' => 'rabbitmqctl' + ) + end + end + end + + ## + ## rabbitmq::service + ## + describe 'service with default params' do + it { should contain_service('rabbitmq-server').with( + 'ensure' => 'running', + 'enable' => 'true', + 'hasstatus' => 'true', + 'hasrestart' => 'true' + )} + end + + describe 'service with ensure stopped' do + let :params do + { :service_ensure => 'stopped' } + end + + it { should contain_service('rabbitmq-server').with( + 'ensure' => 'stopped', + 'enable' => false + ) } + end + + describe 'service with ensure neither running neither stopped' do + let :params do + { :service_ensure => 'foo' } + end + + it 'should raise an error' do + expect { + should contain_service('rabbitmq-server').with( + 'ensure' => 'stopped' ) + }.to raise_error(Puppet::Error, /validate_re\(\): "foo" does not match "\^\(running\|stopped\)\$"/) + end + end + + describe 'service with service_manage equal to false' do + let :params do + { :service_manage => false } + end + + it { should_not contain_service('rabbitmq-server') } + end + + end + end + + ## + ## rabbitmq::install + ## + context "on RHEL" do + let(:facts) {{ :osfamily => 'RedHat' }} + let(:params) {{ :package_source => 'http://www.rabbitmq.com/releases/rabbitmq-server/v3.2.3/rabbitmq-server-3.2.3-1.noarch.rpm' }} + it 'installs the rabbitmq package' do + should contain_package('rabbitmq-server').with( + 'ensure' => 'installed', + 'name' => 'rabbitmq-server', + 'provider' => 'rpm', + 'source' => 'http://www.rabbitmq.com/releases/rabbitmq-server/v3.2.3/rabbitmq-server-3.2.3-1.noarch.rpm' + ) + end + end + + context "on Debian" do + let(:facts) {{ :osfamily => 'Debian', :lsbdistid => 'Debian', :lsbdistcodename => 'precise' }} + it 'installs the rabbitmq package' do + should contain_package('rabbitmq-server').with( + 'ensure' => 'installed', + 'name' => 'rabbitmq-server', + 'provider' => 'apt' + ) + end + end + + context "on Archlinux" do + let(:facts) {{ :osfamily => 'Archlinux' }} + it 'installs the rabbitmq package' do + should contain_package('rabbitmq-server').with( + 'ensure' => 'installed', + 'name' => 'rabbitmq') + end + end + + describe 'repo management on Debian' do + let(:facts) {{ :osfamily => 'Debian', :lsbdistid => 'Debian' }} + + context 'with no pin' do + let(:params) {{ :package_apt_pin => '' }} + describe 'it sets up an apt::source' do + + it { should contain_apt__source('rabbitmq').with( + 'location' => 'http://www.rabbitmq.com/debian/', + 'release' => 'testing', + 'repos' => 'main', + 'include_src' => false, + 'key' => 'F78372A06FF50C80464FC1B4F7B8CEA6056E8E56' + ) } + end + end + + context 'with pin' do + let(:params) {{ :package_apt_pin => '700' }} + describe 'it sets up an apt::source and pin' do + + it { should contain_apt__source('rabbitmq').with( + 'location' => 'http://www.rabbitmq.com/debian/', + 'release' => 'testing', + 'repos' => 'main', + 'include_src' => false, + 'key' => 'F78372A06FF50C80464FC1B4F7B8CEA6056E8E56' + ) } + + it { should contain_apt__pin('rabbitmq').with( + 'packages' => 'rabbitmq-server', + 'priority' => '700' + ) } + + end + end + end + + ['RedHat', 'SuSE'].each do |distro| + describe "repo management on #{distro}" do + describe 'imports the key' do + let(:facts) {{ :osfamily => distro }} + let(:params) {{ :package_gpg_key => 'http://www.rabbitmq.com/rabbitmq-signing-key-public.asc' }} + + it { should contain_exec("rpm --import #{params[:package_gpg_key]}").with( + 'path' => ['/bin','/usr/bin','/sbin','/usr/sbin'] + ) } + end + end + end + +end diff --git a/3rdparty/modules/rabbitmq/spec/spec.opts b/3rdparty/modules/rabbitmq/spec/spec.opts new file mode 100644 index 00000000..91cd6427 --- /dev/null +++ b/3rdparty/modules/rabbitmq/spec/spec.opts @@ -0,0 +1,6 @@ +--format +s +--colour +--loadby +mtime +--backtrace diff --git a/3rdparty/modules/rabbitmq/spec/spec_helper.rb b/3rdparty/modules/rabbitmq/spec/spec_helper.rb new file mode 100644 index 00000000..2c6f5664 --- /dev/null +++ b/3rdparty/modules/rabbitmq/spec/spec_helper.rb @@ -0,0 +1 @@ +require 'puppetlabs_spec_helper/module_spec_helper' diff --git a/3rdparty/modules/rabbitmq/spec/spec_helper_acceptance.rb b/3rdparty/modules/rabbitmq/spec/spec_helper_acceptance.rb new file mode 100644 index 00000000..b82ba36c --- /dev/null +++ b/3rdparty/modules/rabbitmq/spec/spec_helper_acceptance.rb @@ -0,0 +1,38 @@ +require 'beaker-rspec' + +UNSUPPORTED_PLATFORMS = [] + +unless ENV['RS_PROVISION'] == 'no' or ENV['BEAKER_provision'] == 'no' + if hosts.first.is_pe? + install_pe + else + install_puppet + end + hosts.each do |host| + on hosts, "mkdir -p #{host['distmoduledir']}" + end +end + +RSpec.configure do |c| + # Project root + proj_root = File.expand_path(File.join(File.dirname(__FILE__), '..')) + + # Readable test descriptions + c.formatter = :documentation + c.before :suite do + hosts.each do |host| + copy_module_to(host, :source => proj_root, :module_name => 'rabbitmq') + + shell("/bin/touch #{default['puppetpath']}/hiera.yaml") + shell('puppet module install puppetlabs-stdlib', { :acceptable_exit_codes => [0,1] }) + if fact('osfamily') == 'Debian' + shell('puppet module install puppetlabs-apt --version 1.8.0 --force', { :acceptable_exit_codes => [0,1] }) + end + shell('puppet module install nanliu-staging', { :acceptable_exit_codes => [0,1] }) + if fact('osfamily') == 'RedHat' + shell('puppet module install garethr-erlang', { :acceptable_exit_codes => [0,1] }) + end + end + end +end + diff --git a/3rdparty/modules/rabbitmq/spec/unit/puppet/provider/rabbitmq_binding/rabbitmqadmin_spec.rb b/3rdparty/modules/rabbitmq/spec/unit/puppet/provider/rabbitmq_binding/rabbitmqadmin_spec.rb new file mode 100644 index 00000000..e165d557 --- /dev/null +++ b/3rdparty/modules/rabbitmq/spec/unit/puppet/provider/rabbitmq_binding/rabbitmqadmin_spec.rb @@ -0,0 +1,59 @@ +require 'puppet' +require 'mocha/api' +RSpec.configure do |config| + config.mock_with :mocha +end +provider_class = Puppet::Type.type(:rabbitmq_binding).provider(:rabbitmqadmin) +describe provider_class do + before :each do + @resource = Puppet::Type::Rabbitmq_binding.new( + {:name => 'source@target@/', + :destination_type => :queue, + :routing_key => 'blablub', + :arguments => {} + } + ) + @provider = provider_class.new(@resource) + end + + it 'should return instances' do + provider_class.expects(:rabbitmqctl).with('list_vhosts', '-q').returns <<-EOT +/ +EOT + provider_class.expects(:rabbitmqctl).with('list_bindings', '-q', '-p', '/', 'source_name', 'destination_name', 'destination_kind', 'routing_key', 'arguments').returns <<-EOT + queue queue queue [] +EOT + instances = provider_class.instances + instances.size.should == 1 + end + + it 'should call rabbitmqadmin to create' do + @provider.expects(:rabbitmqadmin).with('declare', 'binding', '--vhost=/', '--user=guest', '--password=guest', '-c', '/etc/rabbitmq/rabbitmqadmin.conf', 'source=source', 'destination=target', 'arguments={}', 'routing_key=blablub', 'destination_type=queue') + @provider.create + end + + it 'should call rabbitmqadmin to destroy' do + @provider.expects(:rabbitmqadmin).with('delete', 'binding', '--vhost=/', '--user=guest', '--password=guest', '-c', '/etc/rabbitmq/rabbitmqadmin.conf', 'source=source', 'destination_type=queue', 'destination=target', 'properties_key=blablub') + @provider.destroy + end + + context 'specifying credentials' do + before :each do + @resource = Puppet::Type::Rabbitmq_binding.new( + {:name => 'source@test2@/', + :destination_type => :queue, + :routing_key => 'blablubd', + :arguments => {}, + :user => 'colin', + :password => 'secret' + } + ) + @provider = provider_class.new(@resource) + end + + it 'should call rabbitmqadmin to create' do + @provider.expects(:rabbitmqadmin).with('declare', 'binding', '--vhost=/', '--user=colin', '--password=secret', '-c', '/etc/rabbitmq/rabbitmqadmin.conf', 'source=source', 'destination=test2', 'arguments={}', 'routing_key=blablubd', 'destination_type=queue') + @provider.create + end + end +end diff --git a/3rdparty/modules/rabbitmq/spec/unit/puppet/provider/rabbitmq_exchange/rabbitmqadmin_spec.rb b/3rdparty/modules/rabbitmq/spec/unit/puppet/provider/rabbitmq_exchange/rabbitmqadmin_spec.rb new file mode 100644 index 00000000..10e39acf --- /dev/null +++ b/3rdparty/modules/rabbitmq/spec/unit/puppet/provider/rabbitmq_exchange/rabbitmqadmin_spec.rb @@ -0,0 +1,75 @@ +require 'puppet' +require 'mocha' +RSpec.configure do |config| + config.mock_with :mocha +end +provider_class = Puppet::Type.type(:rabbitmq_exchange).provider(:rabbitmqadmin) +describe provider_class do + before :each do + @resource = Puppet::Type::Rabbitmq_exchange.new( + {:name => 'test.headers@/', + :type => :headers, + :internal => :false, + :durable => :true, + :auto_delete => :false, + :arguments => { + "hash-headers" => "message-distribution-hash" + }, + } + ) + @provider = provider_class.new(@resource) + end + + it 'should return instances' do + provider_class.expects(:rabbitmqctl).with('-q', 'list_vhosts').returns <<-EOT +/ +EOT + provider_class.expects(:rabbitmqctl).with('-q', 'list_exchanges', '-p', '/', 'name', 'type', 'internal', 'durable', 'auto_delete', 'arguments').returns <<-EOT + direct false true false [] +amq.direct direct false true false [] +amq.fanout fanout false true false [] +amq.headers headers false true false [] +amq.match headers false true false [] +amq.rabbitmq.log topic true true false [] +amq.rabbitmq.trace topic true true false [] +amq.topic topic false true false [] +test.headers x-consistent-hash false true false [{"hash-header","message-distribution-hash"}] +EOT + instances = provider_class.instances + instances.size.should == 9 + end + + it 'should call rabbitmqadmin to create as guest' do + @provider.expects(:rabbitmqadmin).with('declare', 'exchange', '--vhost=/', '--user=guest', '--password=guest', 'name=test.headers', 'type=headers', 'internal=false', 'durable=true', 'auto_delete=false', 'arguments={"hash-headers":"message-distribution-hash"}', '-c', '/etc/rabbitmq/rabbitmqadmin.conf') + @provider.create + end + + it 'should call rabbitmqadmin to destroy' do + @provider.expects(:rabbitmqadmin).with('delete', 'exchange', '--vhost=/', '--user=guest', '--password=guest', 'name=test.headers', '-c', '/etc/rabbitmq/rabbitmqadmin.conf') + @provider.destroy + end + + context 'specifying credentials' do + before :each do + @resource = Puppet::Type::Rabbitmq_exchange.new( + {:name => 'test.headers@/', + :type => :headers, + :internal => 'false', + :durable => 'true', + :auto_delete => 'false', + :user => 'colin', + :password => 'secret', + :arguments => { + "hash-header" => "message-distribution-hash" + }, + } + ) + @provider = provider_class.new(@resource) + end + + it 'should call rabbitmqadmin to create with credentials' do + @provider.expects(:rabbitmqadmin).with('declare', 'exchange', '--vhost=/', '--user=colin', '--password=secret', 'name=test.headers', 'type=headers', 'internal=false', 'durable=true', 'auto_delete=false', 'arguments={"hash-header":"message-distribution-hash"}', '-c', '/etc/rabbitmq/rabbitmqadmin.conf') + @provider.create + end + end +end diff --git a/3rdparty/modules/rabbitmq/spec/unit/puppet/provider/rabbitmq_plugin/rabbitmqctl_spec.rb b/3rdparty/modules/rabbitmq/spec/unit/puppet/provider/rabbitmq_plugin/rabbitmqctl_spec.rb new file mode 100644 index 00000000..c398b629 --- /dev/null +++ b/3rdparty/modules/rabbitmq/spec/unit/puppet/provider/rabbitmq_plugin/rabbitmqctl_spec.rb @@ -0,0 +1,26 @@ +require 'puppet' +require 'mocha' +RSpec.configure do |config| + config.mock_with :mocha +end +provider_class = Puppet::Type.type(:rabbitmq_plugin).provider(:rabbitmqplugins) +describe provider_class do + before :each do + @resource = Puppet::Type::Rabbitmq_plugin.new( + {:name => 'foo'} + ) + @provider = provider_class.new(@resource) + end + it 'should match plugins' do + @provider.expects(:rabbitmqplugins).with('list', '-E', '-m').returns("foo\n") + @provider.exists?.should == 'foo' + end + it 'should call rabbitmqplugins to enable' do + @provider.expects(:rabbitmqplugins).with('enable', 'foo') + @provider.create + end + it 'should call rabbitmqplugins to disable' do + @provider.expects(:rabbitmqplugins).with('disable', 'foo') + @provider.destroy + end +end diff --git a/3rdparty/modules/rabbitmq/spec/unit/puppet/provider/rabbitmq_policy/rabbitmqctl_spec.rb b/3rdparty/modules/rabbitmq/spec/unit/puppet/provider/rabbitmq_policy/rabbitmqctl_spec.rb new file mode 100644 index 00000000..cddb6c0c --- /dev/null +++ b/3rdparty/modules/rabbitmq/spec/unit/puppet/provider/rabbitmq_policy/rabbitmqctl_spec.rb @@ -0,0 +1,114 @@ +require 'puppet' +require 'mocha' + +RSpec.configure do |config| + config.mock_with :mocha +end + +describe Puppet::Type.type(:rabbitmq_policy).provider(:rabbitmqctl) do + + let(:resource) do + Puppet::Type.type(:rabbitmq_policy).new( + :name => 'ha-all@/', + :pattern => '.*', + :definition => { + 'ha-mode' => 'all' + }, + :provider => described_class.name + ) + end + + let(:provider) { resource.provider } + + after(:each) do + described_class.instance_variable_set(:@policies, nil) + end + + it 'should accept @ in policy name' do + resource = Puppet::Type.type(:rabbitmq_policy).new( + :name => 'ha@home@/', + :pattern => '.*', + :definition => { + 'ha-mode' => 'all' + }, + :provider => described_class.name + ) + provider = described_class.new(resource) + provider.should_policy.should == 'ha@home' + provider.should_vhost.should == '/' + end + + it 'should fail with invalid output from list' do + provider.class.expects(:rabbitmqctl).with('list_policies', '-q', '-p', '/').returns 'foobar' + expect { provider.exists? }.to raise_error(Puppet::Error, /cannot parse line from list_policies/) + end + + it 'should match policies from list (>=3.2.0)' do + provider.class.expects(:rabbitmqctl).with('list_policies', '-q', '-p', '/').returns <<-EOT +/ ha-all all .* {"ha-mode":"all","ha-sync-mode":"automatic"} 0 +/ test exchanges .* {"ha-mode":"all"} 0 +EOT + provider.exists?.should == { + :applyto => 'all', + :pattern => '.*', + :priority => '0', + :definition => { + 'ha-mode' => 'all', + 'ha-sync-mode' => 'automatic'} + } + end + + it 'should match policies from list (<3.2.0)' do + provider.class.expects(:rabbitmqctl).with('list_policies', '-q', '-p', '/').returns <<-EOT +/ ha-all .* {"ha-mode":"all","ha-sync-mode":"automatic"} 0 +/ test .* {"ha-mode":"all"} 0 +EOT + provider.exists?.should == { + :applyto => 'all', + :pattern => '.*', + :priority => '0', + :definition => { + 'ha-mode' => 'all', + 'ha-sync-mode' => 'automatic'} + } + end + + it 'should not match an empty list' do + provider.class.expects(:rabbitmqctl).with('list_policies', '-q', '-p', '/').returns '' + provider.exists?.should == nil + end + + it 'should destroy policy' do + provider.expects(:rabbitmqctl).with('clear_policy', '-p', '/', 'ha-all') + provider.destroy + end + + it 'should only call set_policy once (<3.2.0)' do + provider.class.expects(:rabbitmq_version).returns '3.1.0' + provider.resource[:priority] = '10' + provider.resource[:applyto] = 'exchanges' + provider.expects(:rabbitmqctl).with('set_policy', + '-p', '/', + 'ha-all', + '.*', + '{"ha-mode":"all"}', + '10').once + provider.priority = '10' + provider.applyto = 'exchanges' + end + + it 'should only call set_policy once (>=3.2.0)' do + provider.class.expects(:rabbitmq_version).returns '3.2.0' + provider.resource[:priority] = '10' + provider.resource[:applyto] = 'exchanges' + provider.expects(:rabbitmqctl).with('set_policy', + '-p', '/', + '--priority', '10', + '--apply-to', 'exchanges', + 'ha-all', + '.*', + '{"ha-mode":"all"}').once + provider.priority = '10' + provider.applyto = 'exchanges' + end +end diff --git a/3rdparty/modules/rabbitmq/spec/unit/puppet/provider/rabbitmq_queue/rabbitmqadmin_spec.rb b/3rdparty/modules/rabbitmq/spec/unit/puppet/provider/rabbitmq_queue/rabbitmqadmin_spec.rb new file mode 100644 index 00000000..85843da8 --- /dev/null +++ b/3rdparty/modules/rabbitmq/spec/unit/puppet/provider/rabbitmq_queue/rabbitmqadmin_spec.rb @@ -0,0 +1,60 @@ +require 'puppet' +require 'mocha/api' +RSpec.configure do |config| + config.mock_with :mocha +end +provider_class = Puppet::Type.type(:rabbitmq_queue).provider(:rabbitmqadmin) +describe provider_class do + before :each do + @resource = Puppet::Type::Rabbitmq_queue.new( + {:name => 'test@/', + :durable => :true, + :auto_delete => :false, + :arguments => {} + } + ) + @provider = provider_class.new(@resource) + end + + it 'should return instances' do + provider_class.expects(:rabbitmqctl).with('list_vhosts', '-q').returns <<-EOT +/ +EOT + provider_class.expects(:rabbitmqctl).with('list_queues', '-q', '-p', '/', 'name', 'durable', 'auto_delete', 'arguments').returns <<-EOT +test true false [] +test2 true false [{"x-message-ttl",342423},{"x-expires",53253232},{"x-max-length",2332},{"x-max-length-bytes",32563324242},{"x-dead-letter-exchange","amq.direct"},{"x-dead-letter-routing-key","test.routing"}] +EOT + instances = provider_class.instances + instances.size.should == 2 + end + + it 'should call rabbitmqadmin to create' do + @provider.expects(:rabbitmqadmin).with('declare', 'queue', '--vhost=/', '--user=guest', '--password=guest', '-c', '/etc/rabbitmq/rabbitmqadmin.conf', 'name=test', 'durable=true', 'auto_delete=false', 'arguments={}') + @provider.create + end + + it 'should call rabbitmqadmin to destroy' do + @provider.expects(:rabbitmqadmin).with('delete', 'queue', '--vhost=/', '--user=guest', '--password=guest', '-c', '/etc/rabbitmq/rabbitmqadmin.conf', 'name=test') + @provider.destroy + end + + context 'specifying credentials' do + before :each do + @resource = Puppet::Type::Rabbitmq_queue.new( + {:name => 'test@/', + :durable => 'true', + :auto_delete => 'false', + :arguments => {}, + :user => 'colin', + :password => 'secret', + } + ) + @provider = provider_class.new(@resource) + end + + it 'should call rabbitmqadmin to create' do + @provider.expects(:rabbitmqadmin).with('declare', 'queue', '--vhost=/', '--user=colin', '--password=secret', '-c', '/etc/rabbitmq/rabbitmqadmin.conf', 'name=test', 'durable=true', 'auto_delete=false', 'arguments={}') + @provider.create + end + end +end diff --git a/3rdparty/modules/rabbitmq/spec/unit/puppet/provider/rabbitmq_user/rabbitmqctl_spec.rb b/3rdparty/modules/rabbitmq/spec/unit/puppet/provider/rabbitmq_user/rabbitmqctl_spec.rb new file mode 100644 index 00000000..ed828ea9 --- /dev/null +++ b/3rdparty/modules/rabbitmq/spec/unit/puppet/provider/rabbitmq_user/rabbitmqctl_spec.rb @@ -0,0 +1,215 @@ +require 'puppet' +require 'mocha' +RSpec.configure do |config| + config.mock_with :mocha +end +provider_class = Puppet::Type.type(:rabbitmq_user).provider(:rabbitmqctl) +describe provider_class do + before :each do + @resource = Puppet::Type::Rabbitmq_user.new( + {:name => 'foo', :password => 'bar'} + ) + @provider = provider_class.new(@resource) + end + it 'should match user names' do + @provider.expects(:rabbitmqctl).with('-q', 'list_users').returns <<-EOT +foo +EOT + @provider.exists?.should == 'foo' + end + it 'should match user names with 2.4.1 syntax' do + @provider.expects(:rabbitmqctl).with('-q', 'list_users').returns <<-EOT +foo bar +EOT + @provider.exists?.should == 'foo bar' + end + it 'should not match if no users on system' do + @provider.expects(:rabbitmqctl).with('-q', 'list_users').returns <<-EOT +EOT + @provider.exists?.should be_nil + end + it 'should not match if no matching users on system' do + @provider.expects(:rabbitmqctl).with('-q', 'list_users').returns <<-EOT +fooey +EOT + @provider.exists?.should be_nil + end + it 'should match user names from list' do + @provider.expects(:rabbitmqctl).with('-q', 'list_users').returns <<-EOT +one +two three +foo +bar +EOT + @provider.exists?.should == 'foo' + end + it 'should create user and set password' do + @resource[:password] = 'bar' + @provider.expects(:rabbitmqctl).with('add_user', 'foo', 'bar') + @provider.create + end + it 'should create user, set password and set to admin' do + @resource[:password] = 'bar' + @resource[:admin] = 'true' + @provider.expects(:rabbitmqctl).with('add_user', 'foo', 'bar') + @provider.expects(:rabbitmqctl).with('-q', 'list_users').returns <<-EOT +foo [] +icinga [monitoring] +kitchen [] +kitchen2 [abc, def, ghi] +EOT + @provider.expects(:rabbitmqctl).with('set_user_tags', 'foo', ['administrator']) + @provider.create + end + it 'should call rabbitmqctl to delete' do + @provider.expects(:rabbitmqctl).with('delete_user', 'foo') + @provider.destroy + end + it 'should be able to retrieve admin value' do + @provider.expects(:rabbitmqctl).with('-q', 'list_users').returns <<-EOT +foo [administrator] +EOT + @provider.admin.should == :true + @provider.expects(:rabbitmqctl).with('-q', 'list_users').returns <<-EOT +one [administrator] +foo [] +EOT + @provider.admin.should == :false + end + it 'should fail if admin value is invalid' do + @provider.expects(:rabbitmqctl).with('-q', 'list_users').returns <<-EOT +foo fail +EOT + expect { @provider.admin }.to raise_error(Puppet::Error, /Could not match line/) + end + it 'should be able to set admin value' do + @provider.expects(:rabbitmqctl).with('-q', 'list_users').returns <<-EOT +foo [] +icinga [monitoring] +kitchen [] +kitchen2 [abc, def, ghi] +EOT + @provider.expects(:rabbitmqctl).with('set_user_tags', 'foo', ['administrator']) + @provider.admin=:true + end + it 'should not interfere with existing tags on the user when setting admin value' do + @provider.expects(:rabbitmqctl).with('-q', 'list_users').returns <<-EOT +foo [bar, baz] +icinga [monitoring] +kitchen [] +kitchen2 [abc, def, ghi] +EOT + @provider.expects(:rabbitmqctl).with('set_user_tags', 'foo', ['bar','baz', 'administrator'].sort) + @provider.admin=:true + end + it 'should be able to unset admin value' do + @provider.expects(:rabbitmqctl).with('-q', 'list_users').returns <<-EOT +foo [administrator] +guest [administrator] +icinga [] +EOT + @provider.expects(:rabbitmqctl).with('set_user_tags', 'foo', []) + @provider.admin=:false + end + it 'should not interfere with existing tags on the user when unsetting admin value' do + @provider.expects(:rabbitmqctl).with('-q', 'list_users').returns <<-EOT +foo [administrator, bar, baz] +icinga [monitoring] +kitchen [] +kitchen2 [abc, def, ghi] +EOT + @provider.expects(:rabbitmqctl).with('set_user_tags', 'foo', ['bar','baz'].sort) + @provider.admin=:false + end + + it 'should clear all tags on existing user' do + @provider.expects(:rabbitmqctl).with('-q', 'list_users').returns <<-EOT +one [administrator] +foo [tag1,tag2] +icinga [monitoring] +kitchen [] +kitchen2 [abc, def, ghi] +EOT + @provider.expects(:rabbitmqctl).with('set_user_tags', 'foo', []) + @provider.tags=[] + end + + it 'should set multiple tags' do + @provider.expects(:rabbitmqctl).with('-q', 'list_users').returns <<-EOT +one [administrator] +foo [] +icinga [monitoring] +kitchen [] +kitchen2 [abc, def, ghi] +EOT + @provider.expects(:rabbitmqctl).with('set_user_tags', 'foo', ['tag1','tag2']) + @provider.tags=['tag1','tag2'] + end + + it 'should clear tags while keep admin tag' do + @resource[:admin] = true + @provider.expects(:rabbitmqctl).with('-q', 'list_users').returns <<-EOT +one [administrator] +foo [administrator, tag1, tag2] +icinga [monitoring] +kitchen [] +kitchen2 [abc, def, ghi] +EOT + @provider.expects(:rabbitmqctl).with('set_user_tags', 'foo', ["administrator"]) + @provider.tags=[] + end + + it 'should change tags while keep admin tag' do + @resource[:admin] = true + @provider.expects(:rabbitmqctl).with('-q', 'list_users').returns <<-EOT +one [administrator] +foo [administrator, tag1, tag2] +icinga [monitoring] +kitchen [] +kitchen2 [abc, def, ghi] +EOT + @provider.expects(:rabbitmqctl).with('set_user_tags', 'foo', ["administrator","tag1","tag3","tag7"]) + @provider.tags=['tag1','tag7','tag3'] + end + + it 'should create user with tags and without admin' do + @resource[:tags] = [ "tag1", "tag2" ] + @provider.expects(:rabbitmqctl).with('add_user', 'foo', 'bar') + @provider.expects(:rabbitmqctl).with('set_user_tags', 'foo', ["tag1","tag2"]) + @provider.expects(:rabbitmqctl).with('-q', 'list_users').returns <<-EOT +foo [] +EOT + @provider.create + end + + it 'should create user with tags and with admin' do + @resource[:tags] = [ "tag1", "tag2" ] + @resource[:admin] = true + @provider.expects(:rabbitmqctl).with('add_user', 'foo', 'bar') + @provider.expects(:rabbitmqctl).with('-q', 'list_users').twice.returns <<-EOT +foo [] +EOT + @provider.expects(:rabbitmqctl).with('set_user_tags', 'foo', ["administrator"]) + @provider.expects(:rabbitmqctl).with('set_user_tags', 'foo', ["administrator","tag1","tag2"]) + @provider.create + end + + it 'should not return the administrator tag in tags for admins' do + @resource[:tags] = [] + @resource[:admin] = true + @provider.expects(:rabbitmqctl).with('-q', 'list_users').returns <<-EOT +foo [administrator] +EOT + @provider.tags.should == [] + end + + it 'should return the administrator tag for non-admins' do + # this should not happen though. + @resource[:tags] = [] + @resource[:admin] = :false + @provider.expects(:rabbitmqctl).with('-q', 'list_users').returns <<-EOT +foo [administrator] +EOT + @provider.tags.should == ["administrator"] + end +end diff --git a/3rdparty/modules/rabbitmq/spec/unit/puppet/provider/rabbitmq_user_permissions/rabbitmqctl_spec.rb b/3rdparty/modules/rabbitmq/spec/unit/puppet/provider/rabbitmq_user_permissions/rabbitmqctl_spec.rb new file mode 100644 index 00000000..bdbc73e8 --- /dev/null +++ b/3rdparty/modules/rabbitmq/spec/unit/puppet/provider/rabbitmq_user_permissions/rabbitmqctl_spec.rb @@ -0,0 +1,93 @@ +require 'puppet' +require 'mocha' +RSpec.configure do |config| + config.mock_with :mocha +end +describe 'Puppet::Type.type(:rabbitmq_user_permissions).provider(:rabbitmqctl)' do + before :each do + @provider_class = Puppet::Type.type(:rabbitmq_user_permissions).provider(:rabbitmqctl) + @resource = Puppet::Type::Rabbitmq_user_permissions.new( + {:name => 'foo@bar'} + ) + @provider = @provider_class.new(@resource) + end + after :each do + @provider_class.instance_variable_set(:@users, nil) + end + it 'should match user permissions from list' do + @provider.class.expects(:rabbitmqctl).with('-q', 'list_user_permissions', 'foo').returns <<-EOT +bar 1 2 3 +EOT + @provider.exists?.should == {:configure=>"1", :write=>"2", :read=>"3"} + end + it 'should match user permissions with empty columns' do + @provider.class.expects(:rabbitmqctl).with('-q', 'list_user_permissions', 'foo').returns <<-EOT +bar 3 +EOT + @provider.exists?.should == {:configure=>"", :write=>"", :read=>"3"} + end + it 'should not match user permissions with more than 3 columns' do + @provider.class.expects(:rabbitmqctl).with('-q', 'list_user_permissions', 'foo').returns <<-EOT +bar 1 2 3 4 +EOT + expect { @provider.exists? }.to raise_error(Puppet::Error, /cannot parse line from list_user_permissions/) + end + it 'should not match an empty list' do + @provider.class.expects(:rabbitmqctl).with('-q', 'list_user_permissions', 'foo').returns <<-EOT +EOT + @provider.exists?.should == nil + end + it 'should create default permissions' do + @provider.instance_variable_set(:@should_vhost, "bar") + @provider.instance_variable_set(:@should_user, "foo") + @provider.expects(:rabbitmqctl).with('set_permissions', '-p', 'bar', 'foo', "''", "''", "''") + @provider.create + end + it 'should destroy permissions' do + @provider.instance_variable_set(:@should_vhost, "bar") + @provider.instance_variable_set(:@should_user, "foo") + @provider.expects(:rabbitmqctl).with('clear_permissions', '-p', 'bar', 'foo') + @provider.destroy + end + {:configure_permission => '1', :write_permission => '2', :read_permission => '3'}.each do |k,v| + it "should be able to retrieve #{k}" do + @provider.class.expects(:rabbitmqctl).with('-q', 'list_user_permissions', 'foo').returns <<-EOT +bar 1 2 3 +EOT + @provider.send(k).should == v + end + end + {:configure_permission => '1', :write_permission => '2', :read_permission => '3'}.each do |k,v| + it "should be able to retrieve #{k} after exists has been called" do + @provider.class.expects(:rabbitmqctl).with('-q', 'list_user_permissions', 'foo').returns <<-EOT +bar 1 2 3 +EOT + @provider.exists? + @provider.send(k).should == v + end + end + {:configure_permission => ['foo', '2', '3'], + :read_permission => ['1', '2', 'foo'], + :write_permission => ['1', 'foo', '3'] + }.each do |perm, columns| + it "should be able to sync #{perm}" do + @provider.class.expects(:rabbitmqctl).with('-q', 'list_user_permissions', 'foo').returns <<-EOT +bar 1 2 3 +EOT + @provider.resource[perm] = 'foo' + @provider.expects(:rabbitmqctl).with('set_permissions', '-p', 'bar', 'foo', *columns) + @provider.send("#{perm}=".to_sym, 'foo') + end + end + it 'should only call set_permissions once' do + @provider.class.expects(:rabbitmqctl).with('-q', 'list_user_permissions', 'foo').returns <<-EOT +bar 1 2 3 +EOT + @provider.resource[:configure_permission] = 'foo' + @provider.resource[:read_permission] = 'foo' + @provider.expects(:rabbitmqctl).with('set_permissions', '-p', 'bar', 'foo', 'foo', '2', 'foo').once + @provider.configure_permission='foo' + @provider.read_permission='foo' + end +end + diff --git a/3rdparty/modules/rabbitmq/spec/unit/puppet/provider/rabbitmq_vhost/rabbitmqctl_spec.rb b/3rdparty/modules/rabbitmq/spec/unit/puppet/provider/rabbitmq_vhost/rabbitmqctl_spec.rb new file mode 100644 index 00000000..6c8cce8d --- /dev/null +++ b/3rdparty/modules/rabbitmq/spec/unit/puppet/provider/rabbitmq_vhost/rabbitmqctl_spec.rb @@ -0,0 +1,45 @@ +require 'puppet' +require 'mocha' +RSpec.configure do |config| + config.mock_with :mocha +end +provider_class = Puppet::Type.type(:rabbitmq_vhost).provider(:rabbitmqctl) +describe provider_class do + before :each do + @resource = Puppet::Type::Rabbitmq_vhost.new( + {:name => 'foo'} + ) + @provider = provider_class.new(@resource) + end + it 'should match vhost names' do + @provider.expects(:rabbitmqctl).with('-q', 'list_vhosts').returns <<-EOT +Listing vhosts ... +foo +...done. +EOT + @provider.exists?.should == 'foo' + end + it 'should not match if no vhosts on system' do + @provider.expects(:rabbitmqctl).with('-q', 'list_vhosts').returns <<-EOT +Listing vhosts ... +...done. +EOT + @provider.exists?.should be_nil + end + it 'should not match if no matching vhosts on system' do + @provider.expects(:rabbitmqctl).with('-q', 'list_vhosts').returns <<-EOT +Listing vhosts ... +fooey +...done. +EOT + @provider.exists?.should be_nil + end + it 'should call rabbitmqctl to create' do + @provider.expects(:rabbitmqctl).with('add_vhost', 'foo') + @provider.create + end + it 'should call rabbitmqctl to create' do + @provider.expects(:rabbitmqctl).with('delete_vhost', 'foo') + @provider.destroy + end +end diff --git a/3rdparty/modules/rabbitmq/spec/unit/puppet/type/rabbitmq_binding_spec.rb b/3rdparty/modules/rabbitmq/spec/unit/puppet/type/rabbitmq_binding_spec.rb new file mode 100644 index 00000000..b0671e7c --- /dev/null +++ b/3rdparty/modules/rabbitmq/spec/unit/puppet/type/rabbitmq_binding_spec.rb @@ -0,0 +1,50 @@ +require 'puppet' +require 'puppet/type/rabbitmq_binding' +describe Puppet::Type.type(:rabbitmq_binding) do + before :each do + @binding = Puppet::Type.type(:rabbitmq_binding).new( + :name => 'foo@blub@bar', + :destination_type => :queue + ) + end + it 'should accept an queue name' do + @binding[:name] = 'dan@dude@pl' + @binding[:name].should == 'dan@dude@pl' + end + it 'should require a name' do + expect { + Puppet::Type.type(:rabbitmq_binding).new({}) + }.to raise_error(Puppet::Error, 'Title or name must be provided') + end + it 'should not allow whitespace in the name' do + expect { + @binding[:name] = 'b r' + }.to raise_error(Puppet::Error, /Valid values match/) + end + it 'should not allow names without one @' do + expect { + @binding[:name] = 'b_r' + }.to raise_error(Puppet::Error, /Valid values match/) + end + + it 'should not allow names without two @' do + expect { + @binding[:name] = 'b@r' + }.to raise_error(Puppet::Error, /Valid values match/) + end + + it 'should accept an binding destination_type' do + @binding[:destination_type] = :exchange + @binding[:destination_type].should == :exchange + end + + it 'should accept a user' do + @binding[:user] = :root + @binding[:user].should == :root + end + + it 'should accept a password' do + @binding[:password] = :PaSsw0rD + @binding[:password].should == :PaSsw0rD + end +end diff --git a/3rdparty/modules/rabbitmq/spec/unit/puppet/type/rabbitmq_exchange_spec.rb b/3rdparty/modules/rabbitmq/spec/unit/puppet/type/rabbitmq_exchange_spec.rb new file mode 100644 index 00000000..1500122c --- /dev/null +++ b/3rdparty/modules/rabbitmq/spec/unit/puppet/type/rabbitmq_exchange_spec.rb @@ -0,0 +1,57 @@ +require 'puppet' +require 'puppet/type/rabbitmq_exchange' +describe Puppet::Type.type(:rabbitmq_exchange) do + before :each do + @exchange = Puppet::Type.type(:rabbitmq_exchange).new( + :name => 'foo@bar', + :type => :topic, + :internal => false, + :auto_delete => false, + :durable => true + ) + end + it 'should accept an exchange name' do + @exchange[:name] = 'dan@pl' + @exchange[:name].should == 'dan@pl' + end + it 'should require a name' do + expect { + Puppet::Type.type(:rabbitmq_exchange).new({}) + }.to raise_error(Puppet::Error, 'Title or name must be provided') + end + it 'should not allow whitespace in the name' do + expect { + @exchange[:name] = 'b r' + }.to raise_error(Puppet::Error, /Valid values match/) + end + it 'should not allow names without @' do + expect { + @exchange[:name] = 'b_r' + }.to raise_error(Puppet::Error, /Valid values match/) + end + + it 'should accept an exchange type' do + @exchange[:type] = :direct + @exchange[:type].should == :direct + end + it 'should require a type' do + expect { + Puppet::Type.type(:rabbitmq_exchange).new(:name => 'foo@bar') + }.to raise_error(/.*must set type when creating exchange.*/) + end + it 'should not require a type when destroying' do + expect { + Puppet::Type.type(:rabbitmq_exchange).new(:name => 'foo@bar', :ensure => :absent) + }.to_not raise_error + end + + it 'should accept a user' do + @exchange[:user] = :root + @exchange[:user].should == :root + end + + it 'should accept a password' do + @exchange[:password] = :PaSsw0rD + @exchange[:password].should == :PaSsw0rD + end +end diff --git a/3rdparty/modules/rabbitmq/spec/unit/puppet/type/rabbitmq_policy_spec.rb b/3rdparty/modules/rabbitmq/spec/unit/puppet/type/rabbitmq_policy_spec.rb new file mode 100644 index 00000000..36bf2a73 --- /dev/null +++ b/3rdparty/modules/rabbitmq/spec/unit/puppet/type/rabbitmq_policy_spec.rb @@ -0,0 +1,119 @@ +require 'puppet' +require 'puppet/type/rabbitmq_policy' + +describe Puppet::Type.type(:rabbitmq_policy) do + + before do + @policy = Puppet::Type.type(:rabbitmq_policy).new( + :name => 'ha-all@/', + :pattern => '.*', + :definition => { + 'ha-mode' => 'all' + }) + end + + it 'should accept a valid name' do + @policy[:name] = 'ha-all@/' + @policy[:name].should == 'ha-all@/' + end + + it 'should require a name' do + expect { + Puppet::Type.type(:rabbitmq_policy).new({}) + }.to raise_error(Puppet::Error, 'Title or name must be provided') + end + + it 'should fail when name does not have a @' do + expect { + @policy[:name] = 'ha-all' + }.to raise_error(Puppet::Error, /Valid values match/) + end + + it 'should accept a valid regex for pattern' do + @policy[:pattern] = '.*?' + @policy[:pattern].should == '.*?' + end + + it 'should accept an empty string for pattern' do + @policy[:pattern] = '' + @policy[:pattern].should == '' + end + + it 'should not accept invalid regex for pattern' do + expect { + @policy[:pattern] = '*' + }.to raise_error(Puppet::Error, /Invalid regexp/) + end + + it 'should accept valid value for applyto' do + [:all, :exchanges, :queues].each do |v| + @policy[:applyto] = v + @policy[:applyto].should == v + end + end + + it 'should not accept invalid value for applyto' do + expect { + @policy[:applyto] = 'me' + }.to raise_error(Puppet::Error, /Invalid value/) + end + + it 'should accept a valid hash for definition' do + definition = {'ha-mode' => 'all', 'ha-sync-mode' => 'automatic'} + @policy[:definition] = definition + @policy[:definition].should == definition + end + + it 'should not accept invalid hash for definition' do + expect { + @policy[:definition] = 'ha-mode' + }.to raise_error(Puppet::Error, /Invalid definition/) + + expect { + @policy[:definition] = {'ha-mode' => ['a', 'b']} + }.to raise_error(Puppet::Error, /Invalid definition/) + end + + it 'should accept valid value for priority' do + [0, 10, '0', '10'].each do |v| + @policy[:priority] = v + @policy[:priority].should == v + end + end + + it 'should not accept invalid value for priority' do + ['-1', -1, '1.0', 1.0, 'abc', ''].each do |v| + expect { + @policy[:priority] = v + }.to raise_error(Puppet::Error, /Invalid value/) + end + end + + it 'should accept and convert ha-params for ha-mode exactly' do + definition = {'ha-mode' => 'exactly', 'ha-params' => '2'} + @policy[:definition] = definition + @policy[:definition]['ha-params'].should be_a(Fixnum) + @policy[:definition]['ha-params'].should == 2 + end + + it 'should not accept non-numeric ha-params for ha-mode exactly' do + definition = {'ha-mode' => 'exactly', 'ha-params' => 'nonnumeric'} + expect { + @policy[:definition] = definition + }.to raise_error(Puppet::Error, /Invalid ha-params.*nonnumeric.*exactly/) + end + + it 'should accept and convert the expires value' do + definition = {'expires' => '1800000'} + @policy[:definition] = definition + @policy[:definition]['expires'].should be_a(Fixnum) + @policy[:definition]['expires'].should == 1800000 + end + + it 'should not accept non-numeric expires value' do + definition = {'expires' => 'future'} + expect { + @policy[:definition] = definition + }.to raise_error(Puppet::Error, /Invalid expires value.*future/) + end +end diff --git a/3rdparty/modules/rabbitmq/spec/unit/puppet/type/rabbitmq_queue_spec.rb b/3rdparty/modules/rabbitmq/spec/unit/puppet/type/rabbitmq_queue_spec.rb new file mode 100644 index 00000000..4fd7b34e --- /dev/null +++ b/3rdparty/modules/rabbitmq/spec/unit/puppet/type/rabbitmq_queue_spec.rb @@ -0,0 +1,60 @@ +require 'puppet' +require 'puppet/type/rabbitmq_queue' +require 'json' +describe Puppet::Type.type(:rabbitmq_queue) do + before :each do + @queue = Puppet::Type.type(:rabbitmq_queue).new( + :name => 'foo@bar', + :durable => :true, + :arguments => { + 'x-message-ttl' => 45, + 'x-dead-letter-exchange' => 'deadexchange' + } + ) + end + it 'should accept an queue name' do + @queue[:name] = 'dan@pl' + @queue[:name].should == 'dan@pl' + end + it 'should require a name' do + expect { + Puppet::Type.type(:rabbitmq_queue).new({}) + }.to raise_error(Puppet::Error, 'Title or name must be provided') + end + it 'should not allow whitespace in the name' do + expect { + @queue[:name] = 'b r' + }.to raise_error(Puppet::Error, /Valid values match/) + end + it 'should not allow names without @' do + expect { + @queue[:name] = 'b_r' + }.to raise_error(Puppet::Error, /Valid values match/) + end + + it 'should accept an arguments with numbers value' do + @queue[:arguments] = {'x-message-ttl' => 30} + @queue[:arguments].to_json.should == "{\"x-message-ttl\":30}" + @queue[:arguments]['x-message-ttl'].should == 30 + end + + it 'should accept an arguments with string value' do + @queue[:arguments] = {'x-dead-letter-exchange' => 'catchallexchange'} + @queue[:arguments].to_json.should == "{\"x-dead-letter-exchange\":\"catchallexchange\"}" + end + + it 'should accept an queue durable' do + @queue[:durable] = :true + @queue[:durable].should == :true + end + + it 'should accept a user' do + @queue[:user] = :root + @queue[:user].should == :root + end + + it 'should accept a password' do + @queue[:password] = :PaSsw0rD + @queue[:password].should == :PaSsw0rD + end +end diff --git a/3rdparty/modules/rabbitmq/spec/unit/puppet/type/rabbitmq_user_permissions_spec.rb b/3rdparty/modules/rabbitmq/spec/unit/puppet/type/rabbitmq_user_permissions_spec.rb new file mode 100644 index 00000000..7cb66eac --- /dev/null +++ b/3rdparty/modules/rabbitmq/spec/unit/puppet/type/rabbitmq_user_permissions_spec.rb @@ -0,0 +1,55 @@ +require 'puppet' +require 'puppet/type/rabbitmq_user_permissions' +describe Puppet::Type.type(:rabbitmq_user_permissions) do + before :each do + @perms = Puppet::Type.type(:rabbitmq_user_permissions).new(:name => 'foo@bar') + end + it 'should accept a valid hostname name' do + @perms[:name] = 'dan@bar' + @perms[:name].should == 'dan@bar' + end + it 'should require a name' do + expect { + Puppet::Type.type(:rabbitmq_user_permissions).new({}) + }.to raise_error(Puppet::Error, 'Title or name must be provided') + end + it 'should fail when names dont have a @' do + expect { + @perms[:name] = 'bar' + }.to raise_error(Puppet::Error, /Valid values match/) + end + [:configure_permission, :read_permission, :write_permission].each do |param| + it 'should not default to anything' do + @perms[param].should == nil + end + it "should accept a valid regex for #{param}" do + @perms[param] = '.*?' + @perms[param].should == '.*?' + end + it "should accept an empty string for #{param}" do + @perms[param] = '' + @perms[param].should == '' + end + it "should not accept invalid regex for #{param}" do + expect { + @perms[param] = '*' + }.to raise_error(Puppet::Error, /Invalid regexp/) + end + end + {:rabbitmq_vhost => 'dan@test', :rabbitmq_user => 'test@dan'}.each do |k,v| + it "should autorequire #{k}" do + if k == :rabbitmq_vhost + vhost = Puppet::Type.type(k).new(:name => "test") + else + vhost = Puppet::Type.type(k).new(:name => "test", :password => 'pass') + end + perm = Puppet::Type.type(:rabbitmq_user_permissions).new(:name => v) + config = Puppet::Resource::Catalog.new :testing do |conf| + [vhost, perm].each { |resource| conf.add_resource resource } + end + rel = perm.autorequire[0] + rel.source.ref.should == vhost.ref + rel.target.ref.should == perm.ref + end + end +end diff --git a/3rdparty/modules/rabbitmq/spec/unit/puppet/type/rabbitmq_user_spec.rb b/3rdparty/modules/rabbitmq/spec/unit/puppet/type/rabbitmq_user_spec.rb new file mode 100644 index 00000000..a73d9c93 --- /dev/null +++ b/3rdparty/modules/rabbitmq/spec/unit/puppet/type/rabbitmq_user_spec.rb @@ -0,0 +1,52 @@ +require 'puppet' +require 'puppet/type/rabbitmq_user' +describe Puppet::Type.type(:rabbitmq_user) do + before :each do + @user = Puppet::Type.type(:rabbitmq_user).new(:name => 'foo', :password => 'pass') + end + it 'should accept a user name' do + @user[:name] = 'dan' + @user[:name].should == 'dan' + @user[:admin].should == :false + end + it 'should accept a password' do + @user[:password] = 'foo' + @user[:password].should == 'foo' + end + it 'should require a password' do + expect { + Puppet::Type.type(:rabbitmq_user).new(:name => 'foo') + }.to raise_error(/must set password/) + end + it 'should require a name' do + expect { + Puppet::Type.type(:rabbitmq_user).new({}) + }.to raise_error(Puppet::Error, 'Title or name must be provided') + end + it 'should not allow whitespace in the name' do + expect { + @user[:name] = 'b r' + }.to raise_error(Puppet::Error, /Valid values match/) + end + [true, false, 'true', 'false'].each do |val| + it "admin property should accept #{val}" do + @user[:admin] = val + @user[:admin].should == val.to_s.to_sym + end + end + it 'should not accept non-boolean values for admin' do + expect { + @user[:admin] = 'yes' + }.to raise_error(Puppet::Error, /Invalid value/) + end + it 'should not accept tags with spaces' do + expect { + @user[:tags] = ['policy maker'] + }.to raise_error(Puppet::Error, /Invalid tag/) + end + it 'should not accept the administrator tag' do + expect { + @user[:tags] = ['administrator'] + }.to raise_error(Puppet::Error, /must use admin property/) + end +end diff --git a/3rdparty/modules/rabbitmq/spec/unit/puppet/type/rabbitmq_vhost_spec.rb b/3rdparty/modules/rabbitmq/spec/unit/puppet/type/rabbitmq_vhost_spec.rb new file mode 100644 index 00000000..70b8e374 --- /dev/null +++ b/3rdparty/modules/rabbitmq/spec/unit/puppet/type/rabbitmq_vhost_spec.rb @@ -0,0 +1,21 @@ +require 'puppet' +require 'puppet/type/rabbitmq_vhost' +describe Puppet::Type.type(:rabbitmq_vhost) do + before :each do + @vhost = Puppet::Type.type(:rabbitmq_vhost).new(:name => 'foo') + end + it 'should accept a vhost name' do + @vhost[:name] = 'dan' + @vhost[:name].should == 'dan' + end + it 'should require a name' do + expect { + Puppet::Type.type(:rabbitmq_vhost).new({}) + }.to raise_error(Puppet::Error, 'Title or name must be provided') + end + it 'should not allow whitespace in the name' do + expect { + @vhost[:name] = 'b r' + }.to raise_error(Puppet::Error, /Valid values match/) + end +end diff --git a/3rdparty/modules/rabbitmq/templates/README.markdown b/3rdparty/modules/rabbitmq/templates/README.markdown new file mode 100644 index 00000000..575bbeae --- /dev/null +++ b/3rdparty/modules/rabbitmq/templates/README.markdown @@ -0,0 +1,23 @@ +Templates +========= + +Puppet supports templates and templating via ERB, which is part of the Ruby +standard library and is used for many other projects including Ruby on Rails. +Templates allow you to manage the content of template files, for example +configuration files that cannot yet be managed as a Puppet type. Learn more at +http://projects.puppetlabs.com/projects/puppet/wiki/Puppet_Templating + +You can use templates like this: + + class myclass { + package { mypackage: ensure => latest } + service { myservice: ensure => running } + file { "/etc/myfile": + content => template("mymodule/myfile.erb") + } + } + +The templates are searched for in: + + $templatedir/mymodule/myfile.erb + $modulepath/mymodule/templates/myfile.erb diff --git a/3rdparty/modules/rabbitmq/templates/default.erb b/3rdparty/modules/rabbitmq/templates/default.erb new file mode 100644 index 00000000..a2bea95e --- /dev/null +++ b/3rdparty/modules/rabbitmq/templates/default.erb @@ -0,0 +1,10 @@ +# File managed by Puppet. + +# This file is sourced by /etc/init.d/rabbitmq-server. Its primary +# reason for existing is to allow adjustment of system limits for the +# rabbitmq-server process. +# +# Maximum number of open file handles. This will need to be increased +# to handle many simultaneous connections. Refer to the system +# documentation for ulimit (in man bash) for more information. +ulimit -n <%= @file_limit %> diff --git a/3rdparty/modules/rabbitmq/templates/limits.conf b/3rdparty/modules/rabbitmq/templates/limits.conf new file mode 100644 index 00000000..bb017fd9 --- /dev/null +++ b/3rdparty/modules/rabbitmq/templates/limits.conf @@ -0,0 +1,2 @@ +rabbitmq soft nofile <%= @file_limit %> +rabbitmq hard nofile <%= @file_limit %> diff --git a/3rdparty/modules/rabbitmq/templates/rabbitmq-env.conf.erb b/3rdparty/modules/rabbitmq/templates/rabbitmq-env.conf.erb new file mode 100644 index 00000000..0c6b5d19 --- /dev/null +++ b/3rdparty/modules/rabbitmq/templates/rabbitmq-env.conf.erb @@ -0,0 +1,5 @@ +<%- @environment_variables.keys.sort.each do |key| -%> +<%- if @environment_variables[key] != 'UNSET' -%> +<%= key %>=<%= @environment_variables[key] %> +<%- end -%> +<%- end -%> diff --git a/3rdparty/modules/rabbitmq/templates/rabbitmq-server.service.d/limits.conf b/3rdparty/modules/rabbitmq/templates/rabbitmq-server.service.d/limits.conf new file mode 100644 index 00000000..78773864 --- /dev/null +++ b/3rdparty/modules/rabbitmq/templates/rabbitmq-server.service.d/limits.conf @@ -0,0 +1,2 @@ +[Service] +LimitNOFILE=<%= @file_limit %> diff --git a/3rdparty/modules/rabbitmq/templates/rabbitmq.config.erb b/3rdparty/modules/rabbitmq/templates/rabbitmq.config.erb new file mode 100644 index 00000000..4e2154e5 --- /dev/null +++ b/3rdparty/modules/rabbitmq/templates/rabbitmq.config.erb @@ -0,0 +1,110 @@ +% This file managed by Puppet +% Template Path: <%= @module_name %>/templates/rabbitmq.config +[ +<%- if @ssl and @ssl_versions -%> + {ssl, [{versions, [<%= @ssl_versions.sort.map { |v| "'#{v}'" }.join(', ') %>]}]}, +<%- end -%> + {rabbit, [ +<% if @ldap_auth -%> + {auth_backends, [rabbit_auth_backend_internal, rabbit_auth_backend_ldap]}, +<% end -%> +<% if @config_cluster -%> + {cluster_nodes, {[<%= @cluster_nodes.map { |n| "\'rabbit@#{n}\'" }.join(', ') %>], <%= @cluster_node_type %>}}, + {cluster_partition_handling, <%= @cluster_partition_handling %>}, +<% end -%> +<%- if @tcp_keepalive -%> + {tcp_listen_options, [{keepalive, true}]}, +<%- end -%> +<%- if @ssl_only -%> + {tcp_listeners, []}, +<%- elsif @interface != 'UNSET' -%> + {tcp_listeners, [{"<%= @interface%>", <%= @port %>}]}, +<%- end -%> +<%- if @ssl -%> + <%- if @ssl_interface != 'UNSET' -%> + {ssl_listeners, [{"<%= @ssl_interface%>", <%= @ssl_port %>}]}, + <%- else -%> + {ssl_listeners, [<%= @ssl_port %>]}, + <%- end -%> + {ssl_options, [ + <%- if @ssl_cacert != 'UNSET' -%> + {cacertfile,"<%= @ssl_cacert %>"}, + <%- end -%> + {certfile,"<%= @ssl_cert %>"}, + {keyfile,"<%= @ssl_key %>"}, + {verify,<%= @ssl_verify %>}, + {fail_if_no_peer_cert,<%= @ssl_fail_if_no_peer_cert %>} + <%- if @ssl_versions -%> + ,{versions, [<%= @ssl_versions.sort.map { |v| "'#{v}'" }.join(', ') %>]} + <%- end -%> + <%- if @ssl_ciphers and @ssl_ciphers.size > 0 -%> + ,{ciphers,[ + <%= @ssl_ciphers.sort.map{|k| "{#{k}}"}.join(",\n ") %> + ]} + <%- end -%> + ]}, +<%- end -%> +<% if @config_variables -%> +<%- @config_variables.keys.sort.each do |key| -%> + {<%= key %>, <%= @config_variables[key] %>}, +<%- end -%> +<%- end -%> + {default_user, <<"<%= @default_user %>">>}, + {default_pass, <<"<%= @default_pass %>">>} + ]}<% if @config_kernel_variables -%>, + {kernel, [ + <%= @config_kernel_variables.sort.map{|k,v| "{#{k}, #{v}}"}.join(",\n ") %> + ]} +<%- end -%> +<%- if @admin_enable -%>, + {rabbitmq_management, [ + {listener, [ +<%- if @ssl -%> + {port, <%= @ssl_management_port %>}, + {ssl, true}, + {ssl_opts, [<%- if @ssl_cacert != 'UNSET' -%>{cacertfile, "<%= @ssl_cacert %>"},<%- end -%> + + {certfile, "<%= @ssl_cert %>"}, + {keyfile, "<%= @ssl_key %>"} + <%- if @ssl_versions -%> + ,{versions, [<%= @ssl_versions.sort.map { |v| "'#{v}'" }.join(', ') %>]} + <%- end -%> + <%- if @ssl_ciphers and @ssl_ciphers.size > 0 -%> + ,{ciphers,[ + <%= @ssl_ciphers.sort.map{|k| "{#{k}}"}.join(",\n ") %> + ]} + <%- end -%> + ]} +<%- else -%> + {port, <%= @management_port %>} +<%- end -%> + ]} + ]} +<%- end -%> +<% if @config_stomp -%>, +% Configure the Stomp Plugin listening port + {rabbitmq_stomp, [ + {tcp_listeners, [<%= @stomp_port %>]} + <%- if @ssl && @ssl_stomp_port -%>, + {ssl_listeners, [<%= @ssl_stomp_port %>]} + <%- end -%> + ]} +<% end -%> +<%- if @ldap_auth -%>, +% Configure the LDAP authentication plugin + {rabbitmq_auth_backend_ldap, [ + {other_bind, <%= @ldap_other_bind %>}, + {servers, ["<%= @ldap_server %>"]}, + {user_dn_pattern, "<%= @ldap_user_dn_pattern %>"}, + {use_ssl, <%= @ldap_use_ssl %>}, + {port, <%= @ldap_port %>}, +<% if @ldap_config_variables -%> +<%- @ldap_config_variables.keys.sort.each do |key| -%> + {<%= key %>, <%= @ldap_config_variables[key] %>}, +<%- end -%> +<%- end -%> + {log, <%= @ldap_log %>} + ]} +<%- end -%> +]. +% EOF diff --git a/3rdparty/modules/rabbitmq/templates/rabbitmqadmin.conf.erb b/3rdparty/modules/rabbitmq/templates/rabbitmqadmin.conf.erb new file mode 100644 index 00000000..d76c8114 --- /dev/null +++ b/3rdparty/modules/rabbitmq/templates/rabbitmqadmin.conf.erb @@ -0,0 +1,7 @@ +[default] +<% if @ssl -%> +ssl = True +port = <%= @ssl_management_port %> +<% else -%> +port = <%= @management_port %> +<% end -%> diff --git a/3rdparty/modules/rabbitmq/tests/erlang_deps.pp b/3rdparty/modules/rabbitmq/tests/erlang_deps.pp new file mode 100644 index 00000000..d34d9441 --- /dev/null +++ b/3rdparty/modules/rabbitmq/tests/erlang_deps.pp @@ -0,0 +1,5 @@ +# install first the garethr-erlang module. See README.md +include 'erlang' + +class { 'erlang': epel_enable => true} +Class['erlang'] -> Class['rabbitmq'] diff --git a/3rdparty/modules/rabbitmq/tests/full.pp b/3rdparty/modules/rabbitmq/tests/full.pp new file mode 100644 index 00000000..c6dfc5cf --- /dev/null +++ b/3rdparty/modules/rabbitmq/tests/full.pp @@ -0,0 +1,21 @@ +class { 'rabbitmq::repo::apt': + pin => '900', +}-> +class { 'rabbitmq::server': + delete_guest_user => true, +# version => '2.4.1', +}-> +rabbitmq_user { 'dan': + admin => true, + password => 'pass', + provider => 'rabbitmqctl', +}-> +rabbitmq_vhost { 'myhost': + provider => 'rabbitmqctl', +} +rabbitmq_user_permissions { 'dan@myhost': + configure_permission => '.*', + read_permission => '.*', + write_permission => '.*', + provider => 'rabbitmqctl', +} diff --git a/3rdparty/modules/rabbitmq/tests/permissions/add.pp b/3rdparty/modules/rabbitmq/tests/permissions/add.pp new file mode 100644 index 00000000..fb71af14 --- /dev/null +++ b/3rdparty/modules/rabbitmq/tests/permissions/add.pp @@ -0,0 +1,9 @@ +rabbitmq_user { 'blah7': + password => 'foo', +} +rabbitmq_vhost { 'test5': } +rabbitmq_user_permissions { 'blah7@test5': + configure_permission => 'config2', + read_permission => 'ready', + #write_permission => 'ready', +} diff --git a/3rdparty/modules/rabbitmq/tests/plugin.pp b/3rdparty/modules/rabbitmq/tests/plugin.pp new file mode 100644 index 00000000..6c5605b9 --- /dev/null +++ b/3rdparty/modules/rabbitmq/tests/plugin.pp @@ -0,0 +1,11 @@ +class { 'rabbitmq::server': + config_stomp => true, +} + +$rabbitmq_plugins = [ 'amqp_client', 'rabbitmq_stomp' ] + +rabbitmq_plugin { $rabbitmq_plugins: + ensure => present, + require => Class['rabbitmq::server'], + provider => 'rabbitmqplugins', +} diff --git a/3rdparty/modules/rabbitmq/tests/repo/apt.pp b/3rdparty/modules/rabbitmq/tests/repo/apt.pp new file mode 100644 index 00000000..f1373737 --- /dev/null +++ b/3rdparty/modules/rabbitmq/tests/repo/apt.pp @@ -0,0 +1,2 @@ +# requires pupetlabs-apt +include rabbitmq::repo::apt diff --git a/3rdparty/modules/rabbitmq/tests/server.pp b/3rdparty/modules/rabbitmq/tests/server.pp new file mode 100644 index 00000000..caea8937 --- /dev/null +++ b/3rdparty/modules/rabbitmq/tests/server.pp @@ -0,0 +1,5 @@ +class { 'rabbitmq::server': + port => '5672', + delete_guest_user => true, + version => 'latest', +} diff --git a/3rdparty/modules/rabbitmq/tests/service.pp b/3rdparty/modules/rabbitmq/tests/service.pp new file mode 100644 index 00000000..9a00d2b6 --- /dev/null +++ b/3rdparty/modules/rabbitmq/tests/service.pp @@ -0,0 +1 @@ +class { 'rabbitmq::service': } diff --git a/3rdparty/modules/rabbitmq/tests/site.pp b/3rdparty/modules/rabbitmq/tests/site.pp new file mode 100644 index 00000000..75ebcfed --- /dev/null +++ b/3rdparty/modules/rabbitmq/tests/site.pp @@ -0,0 +1,16 @@ +node default { + + $rabbitmq_plugins = [ 'amqp_client', 'rabbitmq_stomp' ] + + class { 'rabbitmq::server': + config => '[ {rabbit_stomp, [{tcp_listeners, [1234]} ]} ].', + } + + # Required for MCollective + rabbitmq_plugin { $rabbitmq_plugins: + ensure => present, + require => Class['rabbitmq::server'], + provider => 'rabbitmqplugins', + } +} + diff --git a/3rdparty/modules/rabbitmq/tests/user/add.pp b/3rdparty/modules/rabbitmq/tests/user/add.pp new file mode 100644 index 00000000..2c3a8709 --- /dev/null +++ b/3rdparty/modules/rabbitmq/tests/user/add.pp @@ -0,0 +1,4 @@ +rabbitmq_user { ['blah2', 'blah3', 'blah4']: + password => 'phoey!', + #provider => 'rabbitmqctl', +} diff --git a/3rdparty/modules/rabbitmq/tests/vhosts/add.pp b/3rdparty/modules/rabbitmq/tests/vhosts/add.pp new file mode 100644 index 00000000..d818a192 --- /dev/null +++ b/3rdparty/modules/rabbitmq/tests/vhosts/add.pp @@ -0,0 +1 @@ +rabbitmq_vhost { ['fooey', 'blah']: } diff --git a/modules/rabbitmq/lib/puppet/provider/rabbitmq_plugin/default.rb b/modules/rabbitmq/lib/puppet/provider/rabbitmq_plugin/default.rb deleted file mode 100644 index 9f71a9ac..00000000 --- a/modules/rabbitmq/lib/puppet/provider/rabbitmq_plugin/default.rb +++ /dev/null @@ -1,22 +0,0 @@ -Puppet::Type.type(:rabbitmq_plugin).provide(:default) do - - def self.instances - [] - end - - def create - default_fail - end - - def destroy - default_fail - end - - def exists? - default_fail - end - - def default_fail - fail('This is just the default provider for rabbitmq_plugin, all it does is fail') - end -end diff --git a/modules/rabbitmq/lib/puppet/provider/rabbitmq_plugin/rabbitmqplugins.rb b/modules/rabbitmq/lib/puppet/provider/rabbitmq_plugin/rabbitmqplugins.rb deleted file mode 100644 index 325fd200..00000000 --- a/modules/rabbitmq/lib/puppet/provider/rabbitmq_plugin/rabbitmqplugins.rb +++ /dev/null @@ -1,30 +0,0 @@ -Puppet::Type.type(:rabbitmq_plugin).provide(:rabbitmqplugins) do - - commands :rabbitmqplugins => '/usr/lib/rabbitmq/bin/rabbitmq-plugins' - defaultfor :feature => :posix - - def self.instances - rabbitmqplugins('list', '-E').split(/\n/).map do |line| - if line.split(/\s+/)[1] =~ /^(\S+)$/ - new(:name => $1) - else - raise Puppet::Error, "Cannot parse invalid plugins line: #{line}" - end - end - end - - def create - rabbitmqplugins('enable', resource[:name]) - end - - def destroy - rabbitmqplugins('disable', resource[:name]) - end - - def exists? - out = rabbitmqplugins('list', '-E').split(/\n/).detect do |line| - line.split(/\s+/)[1].match(/^#{resource[:name]}$/) - end - end - -end diff --git a/modules/rabbitmq/lib/puppet/provider/rabbitmq_policy/default.rb b/modules/rabbitmq/lib/puppet/provider/rabbitmq_policy/default.rb deleted file mode 100644 index 77cb9bfb..00000000 --- a/modules/rabbitmq/lib/puppet/provider/rabbitmq_policy/default.rb +++ /dev/null @@ -1,23 +0,0 @@ -Puppet::Type.type(:rabbitmq_policy).provide(:default) do - - def self.instances - [] - end - - def create - default_fail - end - - def destroy - default_fail - end - - def exists? - default_fail - end - - def default_fail - fail('This is just the default provider for rabbitmq_policy, all it does is fail') - end -end - diff --git a/modules/rabbitmq/lib/puppet/provider/rabbitmq_policy/rabbitmqctl.rb b/modules/rabbitmq/lib/puppet/provider/rabbitmq_policy/rabbitmqctl.rb deleted file mode 100644 index 8e125103..00000000 --- a/modules/rabbitmq/lib/puppet/provider/rabbitmq_policy/rabbitmqctl.rb +++ /dev/null @@ -1,39 +0,0 @@ -require 'puppet' -Puppet::Type.type(:rabbitmq_policy).provide(:rabbitmqctl) do - - commands :rabbitmqctl => 'rabbitmqctl' - defaultfor :feature => :posix - - def should_vhost - if @should_vhost - @should_vhost - else - @should_vhost = resource[:vhost] - end - end - - def self.instances - rabbitmqctl('list_policies', '-p', should_vhost).split(/\n/)[1..-2].detect do |line| - if line =~ /^(\S+)\s+(\S+)\s+(\S+)\s+(\S+)\s+.*$/ - new(:name => $2, :vhost => $1, :match => $3, :policy => $4) - else - raise Puppet::Error, "Cannot parse invalid user line: #{line}" - end - end - end - - def create - rabbitmqctl('set_policy', '-p', should_vhost, resource[:name], resource[:match], resource[:policy]) - end - - def destroy - rabbitmqctl('clear_policy', '-p', should_vhost, resource[:name]) - end - - def exists? - out = rabbitmqctl('list_policies', '-p', should_vhost).split(/\n/)[1..-2].detect do |line| - line.match(/^\S+\s+#{resource[:name]}\s+\S+.*$/) - end - end - -end diff --git a/modules/rabbitmq/lib/puppet/provider/rabbitmq_user/default.rb b/modules/rabbitmq/lib/puppet/provider/rabbitmq_user/default.rb deleted file mode 100644 index 8915dd81..00000000 --- a/modules/rabbitmq/lib/puppet/provider/rabbitmq_user/default.rb +++ /dev/null @@ -1,22 +0,0 @@ -Puppet::Type.type(:rabbitmq_user).provide(:default) do - - def self.instances - [] - end - - def create - default_fail - end - - def destroy - default_fail - end - - def exists? - default_fail - end - - def default_fail - fail('This is just the default provider for rabbitmq_user, all it does is fail') - end -end diff --git a/modules/rabbitmq/lib/puppet/provider/rabbitmq_user/rabbitmqctl.rb b/modules/rabbitmq/lib/puppet/provider/rabbitmq_user/rabbitmqctl.rb deleted file mode 100644 index fde194cc..00000000 --- a/modules/rabbitmq/lib/puppet/provider/rabbitmq_user/rabbitmqctl.rb +++ /dev/null @@ -1,59 +0,0 @@ -require 'puppet' -Puppet::Type.type(:rabbitmq_user).provide(:rabbitmqctl) do - - commands :rabbitmqctl => 'rabbitmqctl' - defaultfor :feature => :posix - - def self.instances - rabbitmqctl('list_users').split(/\n/)[1..-2].collect do |line| - if line =~ /^(\S+)(\s+\S+|)$/ - new(:name => $1) - else - raise Puppet::Error, "Cannot parse invalid user line: #{line}" - end - end - end - - def create - rabbitmqctl('add_user', resource[:name], resource[:password]) - if resource[:admin] == :true - make_user_admin() - end - end - - def destroy - rabbitmqctl('delete_user', resource[:name]) - end - - def exists? - out = rabbitmqctl('list_users').split(/\n/)[1..-2].detect do |line| - line.match(/^#{resource[:name]}(\s+\S+|)$/) - end - end - - # def password - # def password=() - def admin - match = rabbitmqctl('list_users').split(/\n/)[1..-2].collect do |line| - line.match(/^#{resource[:name]}\s+\[(administrator)?\]/) - end.compact.first - if match - (:true if match[1].to_s == 'administrator') || :false - else - raise Puppet::Error, "Could not match line '#{resource[:name]} (true|false)' from list_users (perhaps you are running on an older version of rabbitmq that does not support admin users?)" - end - end - - def admin=(state) - if state == :true - make_user_admin() - else - rabbitmqctl('set_user_tags', resource[:name]) - end - end - - def make_user_admin - rabbitmqctl('set_user_tags', resource[:name], 'administrator') - end - -end diff --git a/modules/rabbitmq/lib/puppet/provider/rabbitmq_user_permissions/default.rb b/modules/rabbitmq/lib/puppet/provider/rabbitmq_user_permissions/default.rb deleted file mode 100644 index 42ee0d91..00000000 --- a/modules/rabbitmq/lib/puppet/provider/rabbitmq_user_permissions/default.rb +++ /dev/null @@ -1,18 +0,0 @@ -Puppet::Type.type(:rabbitmq_user_permissions).provide(:default) do - - def create - default_fail - end - - def destroy - default_fail - end - - def exists? - default_fail - end - - def default_fail - fail('This is just the default provider for rabbitmq_user, all it does is fail') - end -end diff --git a/modules/rabbitmq/lib/puppet/provider/rabbitmq_user_permissions/rabbitmqctl.rb b/modules/rabbitmq/lib/puppet/provider/rabbitmq_user_permissions/rabbitmqctl.rb deleted file mode 100644 index 4e3c9dd0..00000000 --- a/modules/rabbitmq/lib/puppet/provider/rabbitmq_user_permissions/rabbitmqctl.rb +++ /dev/null @@ -1,102 +0,0 @@ -Puppet::Type.type(:rabbitmq_user_permissions).provide(:rabbitmqctl) do - - commands :rabbitmqctl => 'rabbitmqctl' - defaultfor :feature=> :posix - - #def self.instances - # - #end - - # cache users permissions - def self.users(name, vhost) - @users = {} unless @users - unless @users[name] - @users[name] = {} - out = rabbitmqctl('list_user_permissions', name).split(/\n/)[1..-2].each do |line| - if line =~ /^(\S+)\s+(\S+)\s+(\S+)\s+(\S+)$/ - @users[name][$1] = - {:configure => $2, :read => $3, :write => $4} - else - raise Puppet::Error, "cannot parse line from list_user_permissions:#{line}" - end - end - end - @users[name][vhost] - end - - def users(name, vhost) - self.class.users(name, vhost) - end - - def should_user - if @should_user - @should_user - else - @should_user = resource[:name].split('@')[0] - end - end - - def should_vhost - if @should_vhost - @should_vhost - else - @should_vhost = resource[:name].split('@')[1] - end - end - - def create - resource[:configure_permission] ||= "'^$'" - resource[:read_permission] ||= "'^$'" - resource[:write_permission] ||= "'^$'" - rabbitmqctl('set_permissions', '-p', should_vhost, should_user, resource[:configure_permission], resource[:read_permission], resource[:write_permission]) - end - - def destroy - rabbitmqctl('clear_permissions', '-p', should_vhost, should_user) - end - - # I am implementing prefetching in exists b/c I need to be sure - # that the rabbitmq package is installed before I make this call. - def exists? - users(should_user, should_vhost) - end - - def configure_permission - users(should_user, should_vhost)[:configure] - end - - def configure_permission=(perm) - set_permissions - end - - def read_permission - users(should_user, should_vhost)[:read] - end - - def read_permission=(perm) - set_permissions - end - - def write_permission - users(should_user, should_vhost)[:write] - end - - def write_permission=(perm) - set_permissions - end - - # implement memoization so that we only call set_permissions once - def set_permissions - unless @permissions_set - @permissions_set = true - resource[:configure_permission] ||= configure_permission - resource[:read_permission] ||= read_permission - resource[:write_permission] ||= write_permission - rabbitmqctl('set_permissions', '-p', should_vhost, should_user, - resource[:configure_permission], resource[:read_permission], - resource[:write_permission] - ) - end - end - -end diff --git a/modules/rabbitmq/lib/puppet/provider/rabbitmq_vhost/default.rb b/modules/rabbitmq/lib/puppet/provider/rabbitmq_vhost/default.rb deleted file mode 100644 index c4118176..00000000 --- a/modules/rabbitmq/lib/puppet/provider/rabbitmq_vhost/default.rb +++ /dev/null @@ -1,22 +0,0 @@ -Puppet::Type.type(:rabbitmq_vhost).provide(:default) do - - def self.instances - [] - end - - def create - default_fail - end - - def destroy - default_fail - end - - def exists? - default_fail - end - - def default_fail - fail('This is just the default provider for rabbitmq_vhost, all it does is fail') - end -end diff --git a/modules/rabbitmq/lib/puppet/provider/rabbitmq_vhost/rabbitmqctl.rb b/modules/rabbitmq/lib/puppet/provider/rabbitmq_vhost/rabbitmqctl.rb deleted file mode 100644 index 39d3c0b8..00000000 --- a/modules/rabbitmq/lib/puppet/provider/rabbitmq_vhost/rabbitmqctl.rb +++ /dev/null @@ -1,30 +0,0 @@ -Puppet::Type.type(:rabbitmq_vhost).provide(:rabbitmqctl) do - - commands :rabbitmqctl => 'rabbitmqctl' - defaultfor :feature => :posix - - def self.instances - rabbitmqctl('list_vhosts').split(/\n/)[1..-2].map do |line| - if line =~ /^(\S+)$/ - new(:name => $1) - else - raise Puppet::Error, "Cannot parse invalid user line: #{line}" - end - end - end - - def create - rabbitmqctl('add_vhost', resource[:name]) - end - - def destroy - rabbitmqctl('delete_vhost', resource[:name]) - end - - def exists? - out = rabbitmqctl('list_vhosts').split(/\n/)[1..-2].detect do |line| - line.match(/^#{resource[:name]}$/) - end - end - -end diff --git a/modules/rabbitmq/lib/puppet/type/rabbitmq_plugin.rb b/modules/rabbitmq/lib/puppet/type/rabbitmq_plugin.rb deleted file mode 100644 index 497ced4e..00000000 --- a/modules/rabbitmq/lib/puppet/type/rabbitmq_plugin.rb +++ /dev/null @@ -1,19 +0,0 @@ -Puppet::Type.newtype(:rabbitmq_plugin) do - desc 'manages rabbitmq plugins' - - ensurable do - defaultto(:present) - newvalue(:present) do - provider.create - end - newvalue(:absent) do - provider.destroy - end - end - - newparam(:name, :namevar => true) do - 'name of the plugin to enable' - newvalues(/^\S+$/) - end - -end diff --git a/modules/rabbitmq/lib/puppet/type/rabbitmq_policy.rb b/modules/rabbitmq/lib/puppet/type/rabbitmq_policy.rb deleted file mode 100644 index c7fb7064..00000000 --- a/modules/rabbitmq/lib/puppet/type/rabbitmq_policy.rb +++ /dev/null @@ -1,39 +0,0 @@ -Puppet::Type.newtype(:rabbitmq_policy) do - desc 'Native type for managing rabbitmq policy' - - ensurable do - defaultto(:present) - newvalue(:present) do - provider.create - end - newvalue(:absent) do - provider.destroy - end - end - - newparam(:name, :namevar => true) do - desc 'Name of policy' - newvalues(/^\S+$/) - end - - newparam(:vhost) do - desc 'Vhost for policy' - newvalues(/^\S+$/) - end - - newparam(:match) do - desc 'Regex match for policy' - end - - newparam(:policy) do - desc 'Policy to set' - end - - validate do - if self[:ensure] == :present and ! self[:policy] and ! self[:match] - raise ArgumentError, 'must set policy and match' unless self[:policy] and self[:match] - end - end - -end - diff --git a/modules/rabbitmq/lib/puppet/type/rabbitmq_user.rb b/modules/rabbitmq/lib/puppet/type/rabbitmq_user.rb deleted file mode 100644 index 9ad9c0f7..00000000 --- a/modules/rabbitmq/lib/puppet/type/rabbitmq_user.rb +++ /dev/null @@ -1,40 +0,0 @@ -Puppet::Type.newtype(:rabbitmq_user) do - desc 'Native type for managing rabbitmq users' - - ensurable do - defaultto(:present) - newvalue(:present) do - provider.create - end - newvalue(:absent) do - provider.destroy - end - end - - newparam(:name, :namevar => true) do - desc 'Name of user' - newvalues(/^\S+$/) - end - - # newproperty(:password) do - newparam(:password) do - desc 'User password to be set *on creation*' - end - - newproperty(:admin) do - desc 'rather or not user should be an admin' - newvalues(/true|false/) - munge do |value| - # converting to_s incase its a boolean - value.to_s.to_sym - end - defaultto :false - end - - validate do - if self[:ensure] == :present and ! self[:password] - raise ArgumentError, 'must set password when creating user' unless self[:password] - end - end - -end diff --git a/modules/rabbitmq/lib/puppet/type/rabbitmq_user_permissions.rb b/modules/rabbitmq/lib/puppet/type/rabbitmq_user_permissions.rb deleted file mode 100644 index 427da6ca..00000000 --- a/modules/rabbitmq/lib/puppet/type/rabbitmq_user_permissions.rb +++ /dev/null @@ -1,57 +0,0 @@ -Puppet::Type.newtype(:rabbitmq_user_permissions) do - desc 'Type for managing rabbitmq user permissions' - - ensurable do - defaultto(:present) - newvalue(:present) do - provider.create - end - newvalue(:absent) do - provider.destroy - end - end - - newparam(:name, :namevar => true) do - 'combination of user@vhost to grant privileges to' - newvalues(/^\S+@\S+$/) - end - - newproperty(:configure_permission) do - desc 'regexp representing configuration permissions' - validate do |value| - resource.validate_permissions(value) - end - end - - newproperty(:read_permission) do - desc 'regexp representing read permissions' - validate do |value| - resource.validate_permissions(value) - end - end - - newproperty(:write_permission) do - desc 'regexp representing write permissions' - validate do |value| - resource.validate_permissions(value) - end - end - - autorequire(:rabbitmq_vhost) do - [self[:name].split('@')[1]] - end - - autorequire(:rabbitmq_user) do - [self[:name].split('@')[0]] - end - - # I may want to dissalow whitespace - def validate_permissions(value) - begin - Regexp.new(value) - rescue RegexpError - raise ArgumentError, "Invalid regexp #{value}" - end - end - -end diff --git a/modules/rabbitmq/lib/puppet/type/rabbitmq_vhost.rb b/modules/rabbitmq/lib/puppet/type/rabbitmq_vhost.rb deleted file mode 100644 index 9dd0982d..00000000 --- a/modules/rabbitmq/lib/puppet/type/rabbitmq_vhost.rb +++ /dev/null @@ -1,19 +0,0 @@ -Puppet::Type.newtype(:rabbitmq_vhost) do - desc 'manages rabbitmq vhosts' - - ensurable do - defaultto(:present) - newvalue(:present) do - provider.create - end - newvalue(:absent) do - provider.destroy - end - end - - newparam(:name, :namevar => true) do - 'name of the vhost to add' - newvalues(/^\S+$/) - end - -end diff --git a/modules/rabbitmq/manifests/autouser.pp b/modules/rabbitmq/manifests/autouser.pp deleted file mode 100644 index 90758b78..00000000 --- a/modules/rabbitmq/manifests/autouser.pp +++ /dev/null @@ -1,32 +0,0 @@ -# == Define: rabbitmq::autouser -# -# Create a user in rabbitmq automatically for debian.org hosts -# Should automatically create a password -# -# === Parameters -# -# === Examples -# -# rabbitmq::autouser { 'master.debian.org': } -# -define rabbitmq::autouser () { - - $rabbit_password = hkdf('/etc/puppet/secret', "mq-client-${name}") - - rabbitmq_user { $name: - admin => false, - password => $rabbit_password, - provider => 'rabbitmqctl', - } - - rabbitmq_user_permissions { "${name}@dsa": - configure_permission => '.*', - read_permission => '.*', - write_permission => '.*', - provider => 'rabbitmqctl', - require => [ - Rabbitmq_user[$name], - Rabbitmq_vhost['dsa'] - ] - } -} diff --git a/modules/rabbitmq/manifests/config.pp b/modules/rabbitmq/manifests/config.pp deleted file mode 100644 index d6a26447..00000000 --- a/modules/rabbitmq/manifests/config.pp +++ /dev/null @@ -1,14 +0,0 @@ -# == Class: rabbitmq::config -# -# Sets up the rabbitmq config file -# -class rabbitmq::config { - - concat { '/etc/rabbitmq/rabbitmq.config': - require => Package['rabbitmq-server'], - notify => Service['rabbitmq-server'], - owner => root, - group => $::root_group, - mode => '0644', - } -} diff --git a/modules/rabbitmq/manifests/init.pp b/modules/rabbitmq/manifests/init.pp deleted file mode 100644 index 33182da0..00000000 --- a/modules/rabbitmq/manifests/init.pp +++ /dev/null @@ -1,97 +0,0 @@ -# == Class: rabbitmq -# -# Top level class for all things rabbitmq -# -class rabbitmq ( - $cluster=false, - $clustermembers=[], - $clustercookie='', - $delete_guest_user=false, - $rabbit_num_ofiles=4096, - $master='' -) { - include rabbitmq::config - - package { 'rabbitmq-server': - ensure => installed, - } - - service { 'rabbitmq-server': - ensure => running, - enable => true, - require => Package['rabbitmq-server'] - } - - Service['rabbitmq-server'] -> Rabbitmq_user <| |> - Service['rabbitmq-server'] -> Rabbitmq_vhost <| |> - Service['rabbitmq-server'] -> Rabbitmq_user_permissions <| |> - - concat::fragment { 'rabbitmq_main_conf': - target => '/etc/rabbitmq/rabbitmq.config', - order => 00, - content => template('rabbitmq/rabbitmq.conf.erb'), - } - - concat::fragment { 'rabbit_foot': - target => '/etc/rabbitmq/rabbitmq.config', - order => 50, - content => "]}\n" - } - - concat::fragment { 'rabbitmq_conf_foot': - target => '/etc/rabbitmq/rabbitmq.config', - order => 99, - content => "].\n" - } - - file { '/etc/default/rabbitmq-server': - content => template('rabbitmq/rabbitmq.ulimit.erb'), - notify => Service['rabbitmq-server'] - } - - if $cluster { - if $clustercookie { - file { '/var/lib/rabbitmq': - ensure => directory, - mode => '0755', - owner => rabbitmq, - group => rabbitmq, - } - - file { '/var/lib/rabbitmq/.erlang.cookie': - content => $clustercookie, - mode => '0500', - owner => rabbitmq, - group => rabbitmq, - before => Package['rabbitmq-server'], - notify => Service['rabbitmq-server'] - } - } - - if $::hostname != $master { - exec { 'reset_mq': - command => 'rabbitmqctl stop_app && rabbitmqctl reset > /var/lib/rabbitmq/.node_reset', - path => '/usr/bin:/bin:/usr/sbin:/sbin', - creates => '/var/lib/rabbitmq/.node_reset', - require => Package['rabbitmq-server'], - notify => Service['rabbitmq-server'] - } - Exec['reset_mq'] -> Rabbitmq_user <| |> - Exec['reset_mq'] -> Rabbitmq_vhost <| |> - Exec['reset_mq'] -> Rabbitmq_user_permissions <| |> - } - } - - if $delete_guest_user { - rabbitmq_user { 'guest': - ensure => absent, - provider => 'rabbitmqctl', - } - } - - site::limit { 'rabbitmq_openfiles': - limit_user => rabbitmq, - limit_value => $rabbit_num_ofiles, - notify => Service['rabbitmq-server'] - } -} diff --git a/modules/rabbitmq/templates/rabbitmq.conf.erb b/modules/rabbitmq/templates/rabbitmq.conf.erb deleted file mode 100644 index 4d95f9ef..00000000 --- a/modules/rabbitmq/templates/rabbitmq.conf.erb +++ /dev/null @@ -1,12 +0,0 @@ -[ -{rabbit, [ -<% if @cluster -%> - {cluster_nodes, ['<%= @clustermembers.to_a.flatten.join("', '") %>']}, - {tcp_listen_options, [binary, - {packet, raw}, - {reuseaddr, true}, - {backlog, 128}, - {nodelay, true}, - {exit_on_close, false}, - {keepalive, true}]} -<% end -%> diff --git a/modules/rabbitmq/templates/rabbitmq.ulimit.erb b/modules/rabbitmq/templates/rabbitmq.ulimit.erb deleted file mode 100644 index d1544b39..00000000 --- a/modules/rabbitmq/templates/rabbitmq.ulimit.erb +++ /dev/null @@ -1 +0,0 @@ -ulimit -n <%= @rabbit_num_ofiles %> diff --git a/modules/roles/files/pubsub/rabbitmq-mgmt.config b/modules/roles/files/pubsub/rabbitmq-mgmt.config deleted file mode 100644 index c32d3e09..00000000 --- a/modules/roles/files/pubsub/rabbitmq-mgmt.config +++ /dev/null @@ -1,10 +0,0 @@ -,{rabbitmq_management, - [{listener, [ - {port, 15672}, - {ssl, true}, - {ssl_opts, [ - {cacertfile,"/etc/ssl/debian/certs/ca.crt"}, - {certfile,"/etc/ssl/debian/certs/thishost-server.crt"}, - {keyfile,"/etc/ssl/debian/keys/thishost-server.key"}]} - ]} -]} diff --git a/modules/roles/files/pubsub/rabbitmq.config b/modules/roles/files/pubsub/rabbitmq.config deleted file mode 100644 index f3b9f0cb..00000000 --- a/modules/roles/files/pubsub/rabbitmq.config +++ /dev/null @@ -1,7 +0,0 @@ - ,{ssl_listeners, [5671]}, - {ssl_options, [{cacertfile,"/etc/ssl/debian/certs/ca.crt"}, - {certfile,"/etc/ssl/debian/certs/thishost-server.crt"}, - {keyfile,"/etc/ssl/debian/keys/thishost-server.key"}, - {verify,verify_none}, - {fail_if_no_peer_cert,false}]} - diff --git a/modules/roles/manifests/pubsub.pp b/modules/roles/manifests/pubsub.pp index 8ebe3e70..86b5807a 100644 --- a/modules/roles/manifests/pubsub.pp +++ b/modules/roles/manifests/pubsub.pp @@ -8,32 +8,27 @@ class roles::pubsub { $cc_secondary = rapoport class { 'rabbitmq': - cluster => true, - clustermembers => [ + config_cluster => true, + cluster_nodes => [ "rabbit@${cc_master}", "rabbit@${cc_secondary}", ], - clustercookie => '8r17so6o1s124ns49sr08n0o24342160', + cluster_node_type => 'disc', + erlang_cookie => '8r17so6o1s124ns49sr08n0o24342160', delete_guest_user => true, - master => $cc_master, + tcp_keepalive => true, + ssl_only => true, + ssl => true, + ssl_cacert => '/etc/ssl/debian/certs/ca.crt', + ssl_cert => '/etc/ssl/debian/certs/thishost-server.crt', + ssl_key => '/etc/ssl/debian/keys/thishost-server.key', + manage_repo => false, } user { 'rabbitmq': groups => 'ssl-cert' } - concat::fragment { 'rabbit_ssl': - target => '/etc/rabbitmq/rabbitmq.config', - order => 35, - source => 'puppet:///modules/roles/pubsub/rabbitmq.config' - } - - concat::fragment { 'rabbit_mgmt_ssl': - target => '/etc/rabbitmq/rabbitmq.config', - order => 55, - source => 'puppet:///modules/roles/pubsub/rabbitmq-mgmt.config' - } - @ferm::rule { 'rabbitmq': description => 'rabbitmq connections', rule => '&SERVICE_RANGE(tcp, 5671, $HOST_DEBIAN_V4)' diff --git a/modules/roles/manifests/pubsub/entities.pp b/modules/roles/manifests/pubsub/entities.pp index 5248bbc7..d0c13f2b 100644 --- a/modules/roles/manifests/pubsub/entities.pp +++ b/modules/roles/manifests/pubsub/entities.pp @@ -21,243 +21,175 @@ class roles::pubsub::entities { rabbitmq_user { 'admin': admin => true, password => $admin_password, - provider => 'rabbitmqctl', } rabbitmq_user { 'ftpteam': admin => false, password => $ftp_password, - provider => 'rabbitmqctl', } rabbitmq_user { 'buildd': admin => false, password => $buildd_password, - provider => 'rabbitmqctl', } rabbitmq_user { 'wbadm': admin => false, password => $wbadm_password, - provider => 'rabbitmqctl', } rabbitmq_user { 'mailadm': admin => false, password => $mailadm_password, - provider => 'rabbitmqctl', } rabbitmq_user { 'mailly': admin => false, password => $mailly_password, - provider => 'rabbitmqctl', } rabbitmq_user { 'muffat': admin => false, password => $muffat_password, - provider => 'rabbitmqctl', } rabbitmq_user { 'pet-devel': admin => false, password => $pet_password, - provider => 'rabbitmqctl', } - $do_hosts = keys($site::localinfo) - - rabbitmq::autouser { $do_hosts: } - rabbitmq_vhost { 'packages': ensure => present, - provider => 'rabbitmqctl', } rabbitmq_vhost { 'buildd': ensure => present, - provider => 'rabbitmqctl', } rabbitmq_vhost { 'dsa': ensure => present, - provider => 'rabbitmqctl', } rabbitmq_vhost { 'pet': ensure => present, - provider => 'rabbitmqctl', } rabbitmq_user_permissions { 'admin@/': configure_permission => '.*', read_permission => '.*', write_permission => '.*', - provider => 'rabbitmqctl', - require => Rabbitmq_user['admin'] } rabbitmq_user_permissions { 'admin@buildd': configure_permission => '.*', read_permission => '.*', write_permission => '.*', - provider => 'rabbitmqctl', - require => [ - Rabbitmq_user['admin'], - Rabbitmq_vhost['buildd'] - ] } rabbitmq_user_permissions { 'admin@dsa': configure_permission => '.*', read_permission => '.*', write_permission => '.*', - provider => 'rabbitmqctl', - require => [ - Rabbitmq_user['admin'], - Rabbitmq_vhost['dsa'] - ] } rabbitmq_user_permissions { 'admin@packages': configure_permission => '.*', read_permission => '.*', write_permission => '.*', - provider => 'rabbitmqctl', - require => [ - Rabbitmq_user['admin'], - Rabbitmq_vhost['packages'] - ] } rabbitmq_user_permissions { 'admin@pet': configure_permission => '.*', read_permission => '.*', write_permission => '.*', - provider => 'rabbitmqctl', - require => [ - Rabbitmq_user['admin'], - Rabbitmq_vhost['pet'] - ] } rabbitmq_user_permissions { 'ftpteam@packages': configure_permission => '.*', read_permission => '.*', write_permission => '.*', - provider => 'rabbitmqctl', - require => [ - Rabbitmq_user['ftpteam'], - Rabbitmq_vhost['packages'] - ] } rabbitmq_user_permissions { 'wbadm@packages': read_permission => 'unchecked', write_permission => 'wbadm', - provider => 'rabbitmqctl', - require => [ - Rabbitmq_user['wbadm'], - Rabbitmq_vhost['packages'] - ] } rabbitmq_user_permissions { 'buildd@buildd': configure_permission => '.*', read_permission => '.*', write_permission => '.*', - provider => 'rabbitmqctl', - require => [ - Rabbitmq_user['buildd'], - Rabbitmq_vhost['buildd'] - ] } rabbitmq_user_permissions { 'wbadm@buildd': configure_permission => '.*', read_permission => '.*', write_permission => '.*', - provider => 'rabbitmqctl', - require => [ - Rabbitmq_user['wbadm'], - Rabbitmq_vhost['buildd'] - ] } rabbitmq_user_permissions { 'mailadm@dsa': configure_permission => '.*', read_permission => '.*', write_permission => '.*', - provider => 'rabbitmqctl', - require => [ - Rabbitmq_user['mailadm'], - Rabbitmq_vhost['dsa'] - ] } rabbitmq_user_permissions { 'pet-devel@pet': configure_permission => '.*', read_permission => '.*', write_permission => '.*', - provider => 'rabbitmqctl', - require => [ - Rabbitmq_user['pet-devel'], - Rabbitmq_vhost['pet'] - ] } - rabbitmq_policy { 'mirror-dsa': - vhost => 'dsa', - match => '.*', - policy => '{"ha-mode":"all"}', - require => Rabbitmq_vhost['dsa'] + rabbitmq_policy { 'mirror-dsa@dsa': + pattern => '.*', + priority => 0, + applyto => 'all', + definition => { + 'ha-mode' => 'all', + 'ha-sync-mode' => 'automatic', + }, } - rabbitmq_policy { 'mirror-buildd': - vhost => 'buildd', - match => '.*', - policy => '{"ha-mode":"all"}', - require => Rabbitmq_vhost['buildd'] + rabbitmq_policy { 'mirror-buildd@buildd': + pattern => '.*', + priority => 0, + applyto => 'all', + definition => { + 'ha-mode' => 'all', + 'ha-sync-mode' => 'automatic', + }, } - rabbitmq_policy { 'mirror-packages': - vhost => 'packages', - match => '.*', - policy => '{"ha-mode":"all"}', - require => Rabbitmq_vhost['packages'] + rabbitmq_policy { 'mirror-packages@packages': + pattern => '.*', + priority => 0, + applyto => 'all', + definition => { + 'ha-mode' => 'all', + 'ha-sync-mode' => 'automatic', + }, } - rabbitmq_policy { 'mirror_pet': - vhost => 'pet', - match => '.*', - policy => '{"ha-mode":"all"}', - require => Rabbitmq_vhost['pet'] + rabbitmq_policy { 'mirror_pet@pet': + pattern => '.*', + priority => 0, + applyto => 'all', + definition => { + 'ha-mode' => 'all', + 'ha-sync-mode' => 'automatic', + }, } rabbitmq_plugin { 'rabbitmq_management': ensure => present, - provider => 'rabbitmqplugins', - require => Package['rabbitmq-server'], - notify => Service['rabbitmq-server'] } rabbitmq_plugin { 'rabbitmq_management_agent': ensure => present, - provider => 'rabbitmqplugins', - require => Package['rabbitmq-server'], - notify => Service['rabbitmq-server'] } rabbitmq_plugin { 'rabbitmq_tracing': ensure => present, - provider => 'rabbitmqplugins', - require => Package['rabbitmq-server'], - notify => Service['rabbitmq-server'] } rabbitmq_plugin { 'rabbitmq_management_visualiser': ensure => present, - provider => 'rabbitmqplugins', - require => Package['rabbitmq-server'], - notify => Service['rabbitmq-server'] } }