openstack
/
puppet-qdr
Code Issues Proposed changes

Adjust yes/no to be booleans 

Change-Id: I28b76ae92c5a9ca773d0297483bd1f550b094e41
This commit is contained in:
Chris Sibbitt 2021-02-24 10:14:59 -05:00
parent 5c6da3e066
commit 43f80842c7
3 changed files with 64 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

31
manifests/init.pp
View File

@ -34,7 +34,7 @@
#
# [*listener_auth_peer*]
# (optional)
# Defaults to 'no'
# Defaults to false
#
# [*listener_idle_timeout*]
# (optional)
@ -51,11 +51,11 @@
#
# [*listener_require_encrypt*]
# (optional) Require the connection to the peer to be encrypted
# Defaults to 'no'
# Defaults to false
#
# [*listener_require_ssl*]
# (optional) Require the use of SSL or TLS on the connection
# Defaults to 'no'
# Defaults to false
#
# [*listener_sasl_mech*]
# (optional) List of accepted SASL auth mechanisms
@ -157,12 +157,12 @@ class qdr(
$enable_service = true,
$extra_listeners = [],
$listener_addr = '127.0.0.1',
$listener_auth_peer = 'no',
$listener_auth_peer = false,
$listener_idle_timeout = '16',
$listener_max_frame_size = '16384',
$listener_port = '5672',
$listener_require_encrypt = 'no',
$listener_require_ssl = 'no',
$listener_require_encrypt = false,
$listener_require_ssl = false,
$listener_sasl_mech = 'ANONYMOUS',
$listener_ssl_cert_db = undef,
$listener_ssl_cert_file = undef,
@ -196,9 +196,12 @@ class qdr(
validate_legacy(String, 'validate_string', $router_id)
validate_legacy(String, 'validate_string', $listener_addr)
validate_legacy(Integer, 'validate_re', $listener_port, ['\d+'])
validate_legacy(Enum['yes', 'no'], 'validate_re', $listener_auth_peer, ['^(yes$|no$)'])
validate_legacy(String, 'validate_string', $listener_sasl_mech)
$listener_auth_peer_bool = qdr::fixTruthy($listener_auth_peer)
$listener_require_encrypt_bool = qdr::fixTruthy($listener_require_encrypt)
$listener_require_ssl_bool = qdr::fixTruthy($listener_require_ssl)
# TODO (ansmith) - manage repo via openstack-extras
# if $::operatingsystem == 'Ubuntu' {
# include apt
@ -217,3 +220,17 @@ class qdr(
-> Class['::qdr::service']
}
function qdr::fixTruthy($truthyvar) >> Boolean {
if $truthyvar.is_a(String) {
validate_legacy(Enum['yes', 'no'], 'validate_re', $truthyvar, ['^(yes$|no$)'])
if $truthyvar == 'yes' {
return true
} elsif $truthyvar == 'no' {
return false
}
} else {
validate_legacy(Boolean, 'validate_bool', $truthyvar)
return $truthyvar
}
}

40
spec/classes/qdr_init_spec.rb
View File

@ -75,7 +75,7 @@ describe 'qdr' do
should contain_file('qdrouterd.conf').with_content(/workerThreads: 8/)
should contain_file('qdrouterd.conf').with_content(/host: 127.0.0.1/)
should contain_file('qdrouterd.conf').with_content(/port: 5672/)
should contain_file('qdrouterd.conf').with_content(/authenticatePeer: no/)
should contain_file('qdrouterd.conf').with_content(/authenticatePeer: false/)
should contain_file('qdrouterd.conf').with_content(/saslMechanisms: ANONYMOUS/)
should contain_file('qdrouterd.conf').without_content(/sslProfile {/)
should contain_file('qdrouterd.conf').without_content(/connector {/)
@ -90,7 +90,7 @@ describe 'qdr' do
:router_worker_threads => '4',
:listener_addr => '10.1.1.1',
:listener_port => '5671',
:listener_auth_peer => 'yes',
:listener_auth_peer => true,
:listener_sasl_mech => 'ANONYMOUS DIGEST-MD5 EXTERNAL PLAIN',
:connectors => [{'role' => 'inter-router'}],
:extra_listeners => [{'mode' => 'interior'}],
@ -102,7 +102,7 @@ describe 'qdr' do
should contain_file('qdrouterd.conf').with_content(/workerThreads: 4/)
should contain_file('qdrouterd.conf').with_content(/host: 10.1.1.1/)
should contain_file('qdrouterd.conf').with_content(/port: 5671/)
should contain_file('qdrouterd.conf').with_content(/authenticatePeer: yes/)
should contain_file('qdrouterd.conf').with_content(/authenticatePeer: true/)
should contain_file('qdrouterd.conf').with_content(/saslMechanisms: ANONYMOUS DIGEST-MD5 EXTERNAL PLAIN/)
should contain_file('qdrouterd.conf').with_content(/role: inter-router/)
should contain_file('qdrouterd.conf').with_content(/mode: interior/)
@ -113,6 +113,25 @@ describe 'qdr' do
context 'with qdr ssl enabled' do
let :params do
{
:listener_require_ssl => true,
:listener_ssl_cert_db => '/etc/ssl/certs/ca-bundle.crt',
:listener_ssl_cert_file => '/etc/pki/ca-trust/source/anchors/puppet_qdr.pem',
:listener_ssl_key_file => '/etc/qpid-dispatch/ssl/puppet_qdr.pem',
}
end
it do
should contain_file('qdrouterd.conf').with_content(/sslProfile {/)
should contain_file('qdrouterd.conf').with_content(/certDb: \/etc\/ssl\/certs\/ca-bundle.crt/)
should contain_file('qdrouterd.conf').with_content(/certFile: \/etc\/pki\/ca-trust\/source\/anchors\/puppet_qdr.pem/)
should contain_file('qdrouterd.conf').with_content(/keyFile: \/etc\/qpid-dispatch\/ssl\/puppet_qdr.pem/)
end
end
context 'with qdr ssl enabled using backwards compatible truthy string' do
let :params do
{
:listener_require_ssl => 'yes',
@ -130,6 +149,21 @@ describe 'qdr' do
end
end
context 'with qdr ssl disabled using backwards compatible truthy string' do
let :params do
{
:listener_require_ssl => 'no',
:listener_ssl_cert_file => 'SHOULDNOTSHOWUP',
}
end
it do
should contain_file('qdrouterd.conf').without_content(/SHOULDNOTSHOWUP/)
end
end
end
on_supported_os({

6
templates/qdrouterd.conf.erb
View File

@ -29,7 +29,7 @@ router {
saslConfigName: <%= @router_sasl_name %>
}
<%- if @listener_require_ssl == 'yes' -%>
<%- if @listener_require_ssl_bool -%>
sslProfile {
name: <%= @router_id %>
certDb: <%= @listener_ssl_cert_db %>
@ -50,10 +50,10 @@ sslProfile {
listener {
host: <%= @listener_addr %>
port: <%= @listener_port %>
<%- if @listener_require_ssl == 'yes' -%>
<%- if @listener_require_ssl_bool -%>
sslProfile: <%= @router_id %>
<%- end -%>
authenticatePeer: <%= @listener_auth_peer %>
authenticatePeer: <%= @listener_auth_peer_bool %>
saslMechanisms: <%= @listener_sasl_mech %>
}